header-logo
Suggest Exploit
vendor:
OneOrZero AIMS
by:
Valentin Hoebel
N/A
CVSS
N/A
SQL Injection and Local File Inclusion
89, 94
CWE
Product Name: OneOrZero AIMS
Affected Version From: 2.6.0
Affected Version To: 2.6.0
Patch Exists: Unknown
Related CWE: Unknown
CPE: a:oneorzero:oneorzero_aims
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Unknown
2010

OneOrZero AIMS v2.6.0 Members Edition Multiple Vulnerabilities

Multiple scripts and parameters are affected by remote SQL injection vulnerabilities. You can also manipulate SQL queries with the help of various search fields of this web app. Some example URLs: index.php?controller=app_oneorzerohelpdesk_main&subcontroller=search_management_manage&option=saved_search&global=1&id=[SQL Injection] index.php?controller=app_oneorzerohelpdesk_main&subcontroller=search_management_manage&option=show_item_search&item_types=[SQL Injection] index.php?controller=[LFI]&subcontroller=app_oneorzerotimemanager_manage&option=show_report This vulnerability can be tricky to exploit. If OpenBaseDir is set, you can at least view files in the directory of this web software.

Mitigation:

Set OpenBaseDir to prevent Local File Inclusion.
Source

Exploit-DB raw data:

[:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]
>> General Information 
Advisory/Exploit Title = OneOrZero AIMS v2.6.0 Members Edition Multiple Vulnerabilities
Author = Valentin Hoebel
Contact = valentin@xenuser.org


[:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]
>> Product information
Name = OneOrZero AIMS
Vendor = OneOrZero
Vendor Website = http://oneorzero.com/
Affected Version(s) = 2.6.0


Hint: The vulnerabilities can only be seen if you are logged in. 
[:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]
>> SQL Injection
Multiple scripts and parameters are affected by remote SQL injection vulnerabilities.
You can also manipulate SQL queries with the help of various search fields of this
web app.

Some example URLs:
index.php?controller=app_oneorzerohelpdesk_main&subcontroller=search_management_manage&option=saved_search&global=1&id=[SQL Injection]
index.php?controller=app_oneorzerohelpdesk_main&subcontroller=search_management_manage&option=show_item_search&item_types=[SQL Injection]


>> Local File Inclusion
index.php?controller=[LFI]&subcontroller=app_oneorzerotimemanager_manage&option=show_report
This vulnerability can be tricky to exploit. If OpenBaseDir is set, you can at least
view files in the directory of this web software.


[:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]
>> Additional Information
Advisory/Exploit Published = 13.11.2010


[:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]
>> Misc
Greetz = cr4wl3r, JosS, packetstormsecurity.org, exploit-db.com


[:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]

Navigation

Suggest Exploit

Services By CQR