Populum 2.3 - SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1058993 漏洞类型
发布时间 2010-01-13 更新时间 2010-01-13
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/11126
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# Exploit Title: Populum SQL injection vulnerability
# Author: -[SiLeNtp0is0n]-
# Version: 2.3

::::::::::::::ProUd to Be InDiaN::::::::::::::

~AuthoR : -[SiLeNtp0is0n]-
~Vuln. App : Populum version 2.3
~App Detail : Content management software for hybrid blog/media/commerce communities
~VuLneraBiLity : SQL injection
~DoRk : "Powered by Populum"
~My HoMe : www.andhrahackers.com
~gReetZ : Mr.XXXX ShRushe tRif0Rce h3LLb0y bRonRiC
~SpL gReetZ : TeamICW

:::::::::::::::::::::::::::::::::::::::::::::::

Vulnerable :

127.0.0.1/populum/diarypage.php?did=[SQL injection]
127.0.0.1/populum/link.php?id=[SQL injection]