SOOP Portal Raven 1.0b - SQL Injection

EDB-ID:

17228

CVE:

N/A


Platform:

ASP

Published:

2011-04-29

# Exploit Title: SOOP Portal Raven 1.0b sql injection
# Google Dork: Powered by SOOP Portal Raven 1.0b
# Date: [date]
# Author: Evil-Thinker
# Version: Raven 1.0b
# Tested on: Windows
# Soft Technologie : ASP.net

Exploit Details :
----------------------------------------------------------------
1- Register On the Target 

2- Browse This Link : /forum/pm_show_message.asp?ID=  "it's a message on Your Inbox"

3- Poc: www.site.com//forum/pm_show_message.asp?ID=(inject here)
----------------------------------------------------------------

****** SSMM T34M ******
Greatz : Zakacinho , Michel , and all SSMM Members 
****** SSMM T34M ******