Dede CMS - SQL Injection Vulnerability

2011-12-30T00:00:00
ID EDB-ID:18292
Type exploitdb
Reporter CWH and Nafsh
Modified 2011-12-30T00:00:00

Description

Dede CMS - SQL Injection Vulnerability. CVE-2011-5200. Webapps exploit for php platform

                                        
                                            # Dede Cms All Versions Sql Vulnerability Exploit
# </ No Priv8 , Everything is Public >
# Date: 30/12/2011 - 13:00
# Author: [ CWH ] | Finded By : Nafsh
# We Are : Mr.M4st3r , Nafsh , Skote_Vahshat , HijaX
# Support: Cyberwh.org
# Mail: Nafsh@live.com
# Software Website: http://www.dedecms.com
# Security Risk: High
# Platform: Php

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

[$] Dorks:  inurl:"id" "DedeCMS Error Warning!"

[#] Vulnerable Files : 

/list.php?id=[sql]
/members.php?id=[sql]
/book.php?id=[sql]

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
</ No Priv8 , Everything is Public >
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
#Cyberwh.org