# Title : Xoops 2.5.4 Blind SQL Injection
# Published : 2011-12-11
# Author :
------------------------------------------
# Xoops 2.5.4 Blind SQL Injection
------------------------------------------
# Dork: "Powered by XOOPS 2.5.4"
# Download: http://sourceforge.net/projects/xoops/
# Date: 10/12/2011
# Author: blkhtc0rp
# Mail: blkhtc0rp[at]yahoo[dot]com
# Tested on: FreeBSD 8 and Debian Squeeze
Note:
To succeed, an attacker must have permission to access the administration menu.
Exploit:
http://192.168.1.109/xoops-2.5.4/modules/system/admin.php?fct=users&selgroups=[Blind Sqli]
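
Detection (added example, not part of the original advisory and not XOOPS code): a log check that flags requests to the users admin function whose selgroups value is not a plain number. It assumes combined-format access logs and that a legitimate selgroups value is empty or a decimal group ID; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request field of a combined-format access log line: "METHOD URI PROTOCOL"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
ADMIN_PATH = "/modules/system/admin.php"  # path from the advisory URL


def suspicious_selgroups(log_line):
    """Return the decoded selgroups value if the request targets
    admin.php?fct=users with a non-numeric selgroups, else None."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not url.path.endswith(ADMIN_PATH):
        return None
    params = parse_qs(url.query, keep_blank_values=True)
    if "users" not in params.get("fct", []):
        return None
    for value in params.get("selgroups", []):
        # Assumption: a legitimate value is empty or a decimal group ID.
        if not re.fullmatch(r"\d{0,10}", value):
            return value
    return None


def scan(lines):
    """Return (line_number, value) for every flagged log line."""
    hits = []
    for n, line in enumerate(lines, 1):
        value = suspicious_selgroups(line)
        if value is not None:
            hits.append((n, value))
    return hits


# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '10.0.0.5 - admin [10/Dec/2011:10:00:01 +0000] "GET /xoops-2.5.4/modules/system/admin.php?fct=users&selgroups=2 HTTP/1.1" 200 5120',
    '10.0.0.9 - admin [10/Dec/2011:10:02:17 +0000] "GET /xoops-2.5.4/modules/system/admin.php?fct=users&selgroups=2%20NOT-A-NUMBER HTTP/1.1" 200 5120',
    '10.0.0.9 - admin [10/Dec/2011:10:02:30 +0000] "GET /xoops-2.5.4/modules/system/admin.php?fct=preferences HTTP/1.1" 200 2048',
    '10.0.0.9 - admin [10/Dec/2011:10:03:02 +0000] "GET /xoops-2.5.4/index.php?selgroups=abc HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for n, value in scan(SAMPLE_LOG):
        print(f"line {n}: non-numeric selgroups value {value!r}")
```

Only query-string parameters appear in access logs, so a selgroups value sent in a POST body needs request-body logging or a WAF rule to be seen.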