toronja cms SQL Injection Vulnerability
Posted on 27 May 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>toronja cms SQL Injection Vulnerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>======================================= toronja cms SQL Injection Vulnerability ======================================= __ __ .----..--.--.| |--..-----..----.| |.-----..-----. | __|| | || _ || -__|| _|| || _ || _ | |____||___ ||_____||_____||__| |__||_____||___ | |_____| |_____| #################################################### # toronja cms SQL Injection Vulnerability #################################################### # Vendor:http://www.toronja.com.pe/ # Discovered by : cyberlog # Site : Sekuritionline.net # Channel : #SekuritiOnline [ Now Just My Bot ] :P # Dork : "sitio web diseñado por www.toronja.com.pe" ] # Exploit : [site]/index.php?plantilla=contenido_lista&ncategoria1=[SQL Injection] [site]/interior.php?IDIOMA=SP&plantilla=contenido&ncategoria1=[SQL Injection] # Thanks : r0073r,adhietslank, k1n9k0ng, cr4wl3r,cah_gemblunkz, jayoes,thesims,setiawan,irvian,EA_Angel,BlueSpy,SoEy,A-technique,Jantap,KiLL,blindboy,sukam, SarifJedul,wiro gendeng,Letjen,ridho_bugs,Ryan Kabrutz,Mathews,aurel666,Inoef,dbanie, # special to Mama Sri Rahayu, Member& Staff Sekuritonline, C0li a.k.a antisecurity [ pinjem script perl-na ] :), # Hiroyuki Doni thanks to create New design SO T-shirt :)P # Inj3ct0r Now Brothers with Sekuritionline #################################################### # Demo: # http://localhost/index.php?plantilla=contenido_lista&ncategoria1=[SQL Injection] #################################################### We never die !!!! indonesian Underground Community !!!!! anjing buat oknum Pemerintah yang suka nilep uang rakyat !!! !!!!! anjing juga buat admin site indon3sia yang merasa sok h3bat, dikasih tahu ada hole malah nyolot !!!!! KacrUt I h@te U :P [ jika kau tidak mau aku katakan LOv3 ] Give me NOCAN Brothers :P am nt hacker just Lik3 Syst3m S3curity .-----..-----.| |--..--.--..----.|__|| |_ |__|.-----..-----.| ||__|.-----..-----. |__ --|| -__|| < | | || _|| || _|| || _ || || || || || -__| |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-05-27]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
