Thailand Gov Custom Blog WebApp SQL Injection

2015-06-01 / 2015-06-02
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

========================================================= [+] Title :- Thailand Gov Custom Blog WebApp SQL Injection [+] Date :- 1 - June - 2015 [+] Exploit Author :- Shelesh Rauthan (ShOrTy420 aKa SEB@sTiaN) [+] Team name :- Team Alastor Breeze [+] The official Members :- Sh0rTy420, P@rL0u$, !nfIn!Ty, Th3G0v3Rn3R [+] Greedz to :- @@lu, Lalit, MyLappy:3, Diksha [+] Facebook :- fb.com/shelesh.rauthan [+] Gmail.com :- indian.1337.hacker@gmail.com ========================================================= [+] Dork site:go.th inurl:"id_sub_menu=" site:th inurl:"id_sub_menu=" ========================================================= [+] About :- Thailand government authority running an custom blog web application on major websites which is vulnerable to SQL injection! SQL Vulnerable component Link : /home/ABC/domains/DOMAIN.go.th/public_html/core_main/module/web/blog/blog.php ========================================================= [+] DisCription :- Google search from the above given google Dorks, open any site from the given result having "web/blog&id_sub_menu=" present in url Note:- Replace "&namemenu=" parameter from the end of url SQL Vulnerable Link: "DOMAIN.go.th/XXX/index.php?mod=blog&path=web/blog&id_sub_menu=102%27" [+] Demo :- http://www.sXXXa.mXX.go.th/sappha/index.php?mod=blog&path=web/blog&id_sub_menu=102%27 http://www.seXXX9.go.th/web/spm19/index.php?mod=blog&path=web/blog&id_sub_menu=59%27 http://www.XXea6.go.th/cma/index.php?mod=blog&path=web/blog&id_sub_menu=45%27 http://thiXc.th/index.php?mod=blog&path=web/blog&id_sub_menu=48%27 ========================================================= Severity Level: [+] High Request Method(s): [+] GET / POST Vulnerable Parameter(s): [+] id_sub_menu, blog Affected Area(s): [+] Entire admin, database, Server ===========================================================

References:

http://fb.com/shelesh.rauthan


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top