what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Seditio CMS SQL Injection

Seditio CMS SQL Injection
Posted May 14, 2015
Authored by Ashiyane Digital Security Team

Seditio CMS suffers from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
SHA-256 | 6fc784c2cf8e3e4d887cd6dedcf27e1a498c707a3482103944a3459ad64cc1f4

Seditio CMS SQL Injection

Change Mirror Download
[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]

Exploit Title : Seditio CMS SQL Injection Vulnerability

Exploit Author : Ashiyane Digital Security Team

Vendor Homepage: www.seditiocms.com

Google Dork : intext:Powered by Seditio CMS

Date : 2015-05-13

Tested On : linux Kali + Windows Se7en

Link Software : http://www.seditiocms.com/datas/users/1/1-10d40e-sed-en.rar


[-][-][-][-][-][-][-][-][-][-] DESCRITION [-][-][-][-][-][-][-][-][-][-]

Seditio CMS SQL injection vulnerabilities has been found and confirmed
within the software as an anonymous user.
The following URLs and parameters have been confirmed to suffer from
SQL injection.
Since link Redirect To . Injection can not manually
And all the data is converted to Base64

[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]

~ ~ ~> Location Online Site Dem0 <~ ~ ~

http://www.Target.com/page.php?id=[SQL]

[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]


Vulnerability File : page.php

Vulnerability CODE :

$sql = sed_sql_query("UPDATE $db_pages SET
page_count='".$pag['page_count']."' WHERE
page_id='".$pag['page_id']."'");

[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]
::: >> ASHIYANE THE FIRST SECURITY FORUM IN IRAN << :::

Discovered by : SeRaVo.BlackHat >> H.4.S.S.4.N <<

Special Tnx : H_SQLI.EMpiRe - Ac!D - Und3rgr0und - EviL ShaDoW

[-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-][-]
Login or Register to add favorites

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close