[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Populum 2.3 SQL injection vulnerability
# Published : 2010-01-13
# Author : SiLeNtp0is0n
# Previous Title : CiviCRM 3.1 < Beta 5 Multiple XSS Vulnerabilities
# Next Title : Hesk Help Desk 2.1 XSRF
# Exploit Title: Populum SQL injection vulnerability
# Author: -[SiLeNtp0is0n]-
# Version: 2.3
::::::::::::::ProUd to Be InDiaN::::::::::::::
~AuthoR : -[SiLeNtp0is0n]-
~Vuln. App : Populum version 2.3
~App Detail : Content management software for hybrid blog/media/commerce communities
~VuLneraBiLity : SQL injection
~DoRk : "Powered by Populum"
~My HoMe : www.andhrahackers.com
~gReetZ : Mr.XXXX ShRushe tRif0Rce h3LLb0y bRonRiC
~SpL gReetZ : TeamICW
:::::::::::::::::::::::::::::::::::::::::::::::
Vulnerable :
127.0.0.1/populum/diarypage.php?did=[SQL injection]
127.0.0.1/populum/link.php?id=[SQL injection]