Cornerstone CMS SQL injection Vulnerability

2012-01-04 09:15:18


.___ .___ .__ _________ .___
| | ____ __| _/ ____ ____ ____ ______|__|_____ ____ \_ ___ \ ____ __| _/ ____ _______
| | / \ / __ | / _ \ / \ _/ __ \ / ___/| |\__ \ / \ / \ \/ / _ \ / __ | _/ __ \ \_ __ \
| || | \/ /_/ | ( <_> )| | \\ ___/ \___ \ | | / __ \_| | \\ \____( <_> )/ /_/ | \ ___/ | | \/
|___||___| /\____ | \____/ |___| / \___ >/____ >|__|(____ /|___| / \______ / \____/ \____ | \___ > |__|
\/ \/ \/ \/ \/ \/ \/ \/ \/ \/

[~]===========================================================================[~]

[~]Title : CMS Cornerstone Sql injection Vulnerability
[~]Vendor : http://www.cstech.net.au/
[~]Author : tempe_mendoan
[~]Contact : http://indonesiancoder.com/
[~]Google Dork : "CMS by Cornerstone Technologies"
[~]Date : 05.01.2012
[~]Tested on : BT 5

[~]===========================================================================[~]

#################################################################################

===[ Example Exploit ]===

[?] http://localhost/default.asp?id=[SQL]

##################################################################################


Greats T0 :

./ And All My Friend

Note :

./ I Love You Dila :*

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.