[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Populum 2.3 SQL injection vulnerability
# Published : 2010-01-13
# Author : SiLeNtp0is0n
# Previous Title : CiviCRM 3.1 < Beta 5 Multiple XSS Vulnerabilities
# Next Title : Hesk Help Desk 2.1 XSRF


# Exploit Title: Populum SQL injection vulnerability
# Author: -[SiLeNtp0is0n]-
# Version: 2.3

::::::::::::::ProUd to Be InDiaN::::::::::::::

~AuthoR : -[SiLeNtp0is0n]-
~Vuln. App : Populum version 2.3
~App Detail : Content management software for hybrid blog/media/commerce communities
~VuLneraBiLity : SQL injection
~DoRk : "Powered by Populum"
~My HoMe : www.andhrahackers.com
~gReetZ : Mr.XXXX ShRushe tRif0Rce h3LLb0y bRonRiC
~SpL gReetZ : TeamICW

:::::::::::::::::::::::::::::::::::::::::::::::

Vulnerable :

127.0.0.1/populum/diarypage.php?did=[SQL injection]
127.0.0.1/populum/link.php?id=[SQL injection]