Copper Cup Images SQLi

2018.05.28
ch Arm_Legi (CH) ch
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title: Copper Cup Images SQLi # dork : intext:"Site by Copper Cup Images" inurl:cat_id= or inurl:gallery_id= # Exploit Author: Arm_Legi (Anonplus) # Website: http://anonplus.tk/ # Date: 27 May 2018 # Vendor : https://www.tourismus-marketing-bayerischer-wald.de/internet.html and https://www.putzwerbung.de/webdesign.html # Version : Last Version # CVE: N/A Technical Details & Description: ===================================================================================================================== A remote sql-injection web vulnerability has been discovered in a web app of https://www.coppercupimages.com/ The vulnerability allows remote attackers to inject own malicious sql commands to compromise the connected web-server or dbms. ===================================================================================================================== Request Method(s): [+] GET Vulnerable File(s): [+] There is different file that use same parameter and all vulnerable Vulnerable Parameter(s): [+] cat_id= [+] gallery_id= [+] other ===================================================================================================================== Demo: http://www.questionpursuit.com/take-a-quiz_id22.php?step=1&cat_id=10 <-----(cat_id is vuln) https://www.visitbartlesville.com/frank-lloyd-wrights-price-tower_id58.php?action=view%27&place_id=50&cat_id=4<-----(cat_id is vuln) https://www.noark.org/galleries_id54?gallery_id=34 <------(gallery_id vuln) view-source:http://www.warnersound.com/portfolio_id51.php?gallery_id=2%27 <---- as you can see , you can only see the sql errors in the source of the web page! but is vuln!


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top