[webapps / 0day] - mediaforce CMS SQL Injection Vulnerabilit
Posted on 01 November 2010
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'><html xmlns='http://www.w3.org/1999/xhtml'><head><meta http-equiv='Content-Type' content='text/html; charset=utf-8' /><meta http-equiv='Content-Language' content='en' /><title>mediaforce CMS SQL Injection Vulnerability | Inj3ct0r - exploit database : vulnerability : 0day : shellcode</title><meta name='description' content='mediaforce CMS SQL Injection Vulnerability by cyberlog in webapps / 0day | Inj3ct0r - exploit database : vulnerability : 0day : shellcode' /><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon' /><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss' /><script type='text/javascript'>var _gaq = _gaq || [];_gaq.push(["_setAccount", "UA-12725838-1"]);_gaq.push(["_trackPageview"]);(function(){var ga = document.createElement("script"); ga.type = "text/javascript"; ga.async = true;ga.src = ("https:" == document.location.protocol ? "https://ssl" : "http://www") + ".google-analytics.com/ga.js";var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(ga, s);})();</script></head><body><pre>========================================== mediaforce CMS SQL Injection Vulnerability ========================================== Special to r0073r a.k.a Inj3ct0r.com, may this is the last my exploit, after that i'm going to resign from inj3ct0r m3mb3r, because I have another jobs that aren't on professional audit web field. I hope the inj3ct0r can success like milw0rm even more & Sekuritionline can be your partner. Thanks for education that i have from this site adi a.k.a cyberlog a.k.a sekuritionline __ __ .----..--.--.| |--..-----..----.| |.-----..-----. | __|| | || _ || -__|| _|| || _ || _ | |____||___ ||_____||_____||__| |__||_____||___ | |_____| |_____| #################################################### # mediaforce CMS SQL Injection Vulnerability #################################################### # Vendor : http://www.mediaforce.ca # prices : Not Yet:P # Discovered by : cyberlog # Site : Sekuritionline.net # Channel : #SekuritiOnline & #Bajingan [ Now Just My Bot ] # Dork : "index_f.php?page= "Powered by Website Design by Mediaforce" or U can modification :P # Exploit : [site]/index_f.php?= [SQL Injection] # Thanks : GOD,r0073r,adhietslank, k1n9k0ng, cr4wl3r,cah_gemblunkz, jayoes,thesims,setiawan,irvian,EA_Angel,BlueSpy,SoEy,A-technique,Jantap,KiLL,blindboy,sukam, SarifJedul,wiro_gendenk,Letjen,ridho_bugs,Ryan_Kabrutz,aurel666,Inof,dbanie, GuA_NinOx, ant0_h@ck, marlon_inside # special to Mama Sri Rahayu, Member& Staff Sekuritonline,Inj3ct0r, H4ckb0x,JatimCr3w,ManadoCoding Friends, Bajingan Crew, # C0li a.k.a antisecurity [ pinjem script perl-na ] # Hiroyuki Doni thanks to create New design SO T-shirt P # Inj3ct0r Now Brothers with Sekuritionline #################################################### # Demo offline: # http://localhost/index_f.php?page= [SQL Injection] # demo online : # http://www.bouletboots.com/index_f.php?page=12 # Result : administrator, access level: XA1579, passwd staff: 911e5c48ddc066cf6114138ac4fc26e5 #################################################### We never die !!!! indonesian Underground Community !!!!! anjing buat oknum Pemerintah yang suka nilep uang rakyat !!! !!!!! anjing juga buat admin site indon3sia yang merasa sok h3bat, dikasih tahu ada hole malah nyolot !!!!! Give me NOCAN Brothers am nt hacker just Lik3 Syst3m S3curity ################################################################################################################### # Berjalanlah dengan penuh keyakinan !! cyberlog was here ##################################################################################################################### .-----..-----.| |--..--.--..----.|__|| |_ |__|.-----..-----.| ||__|.-----..-----. |__ --|| -__|| < | | || _|| || _|| || _ || || || || || -__| |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-11-01]</pre></body></html>
