[webapps / 0day] - AiWrite CMS SQL Injection Vulnerability
Posted on 19 December 2010
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'><html xmlns='http://www.w3.org/1999/xhtml'><head><meta http-equiv='Content-Type' content='text/html; charset=utf-8' /><meta http-equiv='Content-Language' content='en' /><title>AiWrite CMS SQL Injection Vulnerability | Inj3ct0r - exploit database : vulnerability : 0day : shellcode</title><meta name='description' content='AiWrite CMS SQL Injection Vulnerability by cyberlog in webapps / 0day | Inj3ct0r 1337 - exploit database : vulnerability : 0day : shellcode' /><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon' /><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss' /><script type='text/javascript'>var _gaq = _gaq || [];_gaq.push(["_setAccount", "UA-12725838-1"]);_gaq.push(["_setDomainName", "none"]);_gaq.push(["_setAllowLinker", true]);_gaq.push(["_trackPageview"]);(function(){var ga = document.createElement("script"); ga.type = "text/javascript"; ga.async = true;ga.src = ("https:" == document.location.protocol ? "https://ssl" : "http://www") + ".google-analytics.com/ga.js";var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(ga, s);})();</script></head><body><pre>======================================= AiWrite CMS SQL Injection Vulnerability ======================================= # AiWrite - Content Management System (CMS) SQL Injection Vulnerability # AiCart – ecommerce shopping cart SQL Injection Vulnerability #################################################### # Vendor : http://aiwood.ca # prices : Not Yet:P # Discovered by : cyberlog # Site : Sekuritionline.net # Channel : #SekuritiOnline & #Bajingan [ Now Just My Bot ] # Dork : "Mak Lampir" :P # Exploit : [site]/publications.php?action=view&nid= [SQL Injection] [site]/attorney.php?action=view&nid= [SQL Injection] [site]/store.php?rid= [SQL Injection] [site]/store.php?action=view_product&pid= [SQL Injection] # Thanks : GOD,r0073r,adhietslank, k1n9k0ng, cr4wl3r,cah_gemblunkz, jayoes,thesims,setiawan,irvian,EA_Angel,BlueSpy,SoEy,A-technique,Jantap,KiLL,blindboy,sukam, SarifJedul,wiro_gendenk,Letjen,ridho_bugs,Ryan_Kabrutz,aurel666,Inof,dbanie, GuA_NinOx, ant0_h@ck, marlon_inside # special to Mama Sri Rahayu, Member& Staff Sekuritonline,Inj3ct0r, H4ckb0x,JatimCr3w,ManadoCoding Friends, Bajingan Crew, # C0li a.k.a antisecurity [ pinjem script perl-na ] # Hiroyuki Doni thanks to create New design SO T-shirt P # Inj3ct0r Now Brothers with Sekuritionline # Inj3ctor Moved http://1337db.com/ #################################################### # Demo offline: # http://localhost/store.php?action=view_product&pid= [SQL Injection] #################################################### We never die !!!! indonesian Underground Community !!!!! anjing buat oknum Pemerintah yang suka nilep uang rakyat !!! !!!!! anjing juga buat admin site indon3sia yang merasa sok h3bat, dikasih tahu ada hole malah nyolot !!!!! Give me NOCAN Brothers am nt hacker just Lik3 Syst3m S3curity ################################################################################################################### # <a href='http://1337db.com/'>1337db.com</a> [2010-12-19]</pre></body></html>
