MyCustomers version 1.3.873 suffers from a remote SQL injection vulnerability.
2f4222a07b82de124e338becccee82b40bd19c6939570f75d9088587d4bf9074
######################
# Exploit Title : MyCustomers Cms Sql Injection Vulnerability
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://www.iran-php.com/
# Google Dork : "Powered By IranPHP" & inurl:/index.php?DPT=IP17 & "Powered+by+MyCustomers-1.3.873"
# Date: 2015/11/28
# Version : 1.3
#
######################
# Vulnerable Paramter DPT=
# Demo:
# http://www.savehagahi.ir/index.php?DPT=IP17%27
#
# Youtube : https://www.youtube.com/watch?v=43DVOq5L2hw
#
# We reported to vendor but Anyone not responsive
# It's not joke
# We do not take responsibility
#
######################
# Discovered by :
# Mojtaba MobhaM & T3NZOG4N (t3nz0g4n@yahoo.com)
######################