Tausch Ticket Script V3 Multiple Remote SQL Injection Vulnerabilities

2009-07-15 / 2009-07-16

Credit: Moudi

Risk: High

Local: No

Remote: Yes

CVE: CVE-2009-2428

CWE: CWE-89

CVSS Base Score: 7.5/10

Impact Subscore: 6.4/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

        [] I'm back <3 VB6

        [] Tausch Ticket Script V3 Multiple Remote SQL Injection Vulnerabilities

	[] Script:             [ Tausch Ticket Script V3 ]
	[] Language:           [ PHP ]
        [] Download:           [ http://www.phppower.eu/product_info.php/cPath/32/products_id/241 ]
	[] Founder:            [ Moudi <m0udi@9.cn> ]
        [] Thanks to:          [ MiZoZ , ZuKa , str0ke , and all hackers... ]
        [] Team:               [ EvilWay ]
        [] SiteWeb:            [ Visit - www.opensc.ws ]
        [] Price:              [ 289.00EUR ]

===[ Exploit SQL ]===	
	
	[] http://www.tauschregal.de/suchauftraege_user.php?userid=[SQL]
        [] http://www.tauschregal.de/vote.php?descr=[SQL]
        [] ps: have some other sql , but i am tired to do all :D


===[ Exploit BLIND SQL ]===	
	
	[] http://www.tauschregal.de/vote.php?descr=[BLIND]

Author: Moudi

References:

http://secunia.com/advisories/35725

http://packetstorm.linuxsecurity.com/0907-exploits/tausch-sql.txt

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Tausch Ticket Script V3 Multiple Remote SQL Injection Vulnerabilities

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.