CMS e107 plugin SQL Injection Vunerabilities

CVE	Category	Price	Severity
Not provided	CWE-89 (SQL Injection)	Not provided	High

Author	Risk	Exploitation Type	Date
Not provided	High	Remote	2011-04-29

CVSS	EPSS	EPSSP
Not provided in the mentioned URL	0.02192	0.50148

CVSS vector description

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2011040123

Below is a copy:

CMS e107 plugin SQL Injection Vunerabilities
Arrow  SecurityAlert : None
Arrow  Date :     2011-04-22
Arrow  Credit          : Spy Boys Underground Security Team
Arrow  Added by     : NoL1m1t
Arrow  SecurityRisk : High  Security Risk
Arrow  Remote : Yes
Arrow  Local     : No
Arrow  Status   : Bug

#################################################################

[+] Exploit Title: CMS e107 plugin SQL Injection Vunerabilities

[+] Author: NoL1m1t

[+] Team : Spy Boys Underground Security Team

###########################[ Exploit ]###########################

http://site.com/plugins/image_gallery/image_gallery.php?page=image-detail&album=2&image=[sqli]


###########################################################

#################################################################

BY : NoL1m1t [[email protected]]


Web Site : www.spy-boys.com

              www.kamyab-hack.org



=-=-=-=-=-=-=-=-=-=-=-=-=-=(Thanks)=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

NoL1m1t - Spy-Boy - dr.web - Mr.Destiny - w@rm - mahan0712 - H@CK3R $2H - Farshad!!!a

#################################################################

Arrow  References :  

www.spy-boys.com
www.kamyab-hack.org

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum