Vendor: NetBilletterie
Author: Wadeek
CVSS: 7.5 (HIGH)
Vulnerability Type: SQL Injection
CWE: 89
Product Name: NetBilletterie
Affected Version From: 2.8
Affected Version To: 2.8
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Windows 7 with Xampp
Year: 2016

NetBilletterie 2.8 | Multiple Vulnerabilities

The NetBilletterie 2.8 software is vulnerable to multiple SQL Injection attacks. These include time-based blind SQL Injection and boolean-based blind SQL Injection. An attacker can exploit these vulnerabilities to execute arbitrary SQL commands and potentially gain unauthorized access to the database.

Mitigation:

To mitigate these vulnerabilities, validate user input (for example, check that a date parameter has the expected format and that an identifier is an integer) before it reaches a SQL query, and pass it to the database through prepared statements or parameterized queries rather than concatenating it into the query text. Parameterization is the effective control: validation alone reduces the attack surface, but only separating the query from its data prevents the injected value from changing the statement's structure.
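The following PHP is an added illustration of the mitigation above; it is not NetBilletterie's own code, and the table and column names (bons, articles, libelle, date_vente) are hypothetical. It places the string-concatenation pattern that produces this class of bug next to a parameterized version that validates the date_debut and article parameters named in the advisory and binds them with PDO. An in-memory SQLite database stands in for the real backend so the script runs offline.

```php
<?php
// Added example, not project code. Table/column names are hypothetical.
declare(strict_types=1);

// Vulnerable pattern: the request value is spliced into the SQL text, so a
// value containing a quote rewrites the WHERE clause (boolean- or time-based
// blind injection both start from this mistake).
function listerDetailVulnerable(PDO $pdo, string $dateDebut): array
{
    $sql = "SELECT id, libelle, date_vente FROM bons WHERE date_vente >= '" . $dateDebut . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: reject anything that is not a real calendar date, then bind the
// value as a parameter so the database receives query text and data separately.
function listerDetailSafe(PDO $pdo, string $dateDebut): array
{
    $d = DateTime::createFromFormat('Y-m-d', $dateDebut);
    if ($d === false || $d->format('Y-m-d') !== $dateDebut) {
        throw new InvalidArgumentException('date_debut must be a valid YYYY-MM-DD date');
    }
    $stmt = $pdo->prepare('SELECT id, libelle, date_vente FROM bons WHERE date_vente >= :date_debut');
    $stmt->bindValue(':date_debut', $dateDebut, PDO::PARAM_STR);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Integer identifiers (article, id_banque, id_tarif, num in the advisory):
// validate as an integer and bind with PDO::PARAM_INT.
function supprimerArticleSafe(PDO $pdo, string $article): int
{
    if (filter_var($article, FILTER_VALIDATE_INT) === false) {
        throw new InvalidArgumentException('article must be an integer id');
    }
    $stmt = $pdo->prepare('DELETE FROM articles WHERE id = :id');
    $stmt->bindValue(':id', (int) $article, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Demo against an in-memory SQLite database (constructed sample data).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); // real server-side binding where the driver supports it
$pdo->exec('CREATE TABLE bons (id INTEGER PRIMARY KEY, libelle TEXT, date_vente TEXT)');
$pdo->exec('CREATE TABLE articles (id INTEGER PRIMARY KEY, nom TEXT)');
$pdo->exec("INSERT INTO bons (libelle, date_vente) VALUES ('Bon A', '2016-07-01'), ('Bon B', '2016-07-10')");
$pdo->exec("INSERT INTO articles (nom) VALUES ('Place plein tarif')");

// Constructed hostile value: closes the quoted literal and appends an always-true clause.
$hostile = "2016-07-05' OR '1'='1";

echo "concatenated query: " . count(listerDetailVulnerable($pdo, $hostile)) . " row(s)\n";

try {
    listerDetailSafe($pdo, $hostile);
} catch (InvalidArgumentException $e) {
    echo "parameterized query rejected input: " . $e->getMessage() . "\n";
}
echo "parameterized query, valid date: " . count(listerDetailSafe($pdo, '2016-07-05')) . " row(s)\n";

try {
    supprimerArticleSafe($pdo, '1 OR 1=1');
} catch (InvalidArgumentException $e) {
    echo "delete rejected input: " . $e->getMessage() . "\n";
}
echo "delete with integer id removed " . supprimerArticleSafe($pdo, '1') . " row(s)\n";
```

The concatenated version returns every row for the hostile value because the appended clause is evaluated as SQL; the parameterized version never lets the value reach the parser as SQL, and the validation step in front of it rejects the malformed input early with a clear error. The same two-step pattern (validate shape, then bind) applies to each of the eight parameters listed in the raw advisory below.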

Exploit-DB raw data:

# Exploit Title: NetBilletterie 2.8 | Multiple Vulnerabilities
# Date: 14/07/16
# Exploit Author: Wadeek
# Website Author: https://github.com/Wad-Deek
# Vendor Homepage: http://net-billetterie.tuxfamily.org/
# Software Link: https://sourceforge.net/projects/netbilletterie/files/
# Demo Link: http://net-billetterie.tuxfamily.org/NetBilletterieDemo/login.inc.php
# Version: 2.8
# Tested on: Xampp on Windows7
# Fuzzing tool: https://github.com/Trouiller-David/PHP-Source-Code-Analysis-Tools

[phpinfo()]
################################################################
(200) => http://localhost/netbilletterie/php_info.php
################################################################

[6 SQL Injection (Type: time-based blind)]
################################################################
(200) => http://localhost/netbilletterie/lister_detail_bon.php?date_debut=*
(200) => http://localhost/netbilletterie/lister_pointes_ok.php?date_debut=*
(302) => http://localhost/netbilletterie/delete_article.php?article=*
(302) => http://localhost/netbilletterie/delete_banque.php?id_banque=*
(302) => http://localhost/netbilletterie/delete_tarif.php?id_tarif=*
(302) => http://localhost/netbilletterie/del_client.php?num=*
################################################################

[2 SQL Injection (Type: boolean-based blind)]
################################################################
(200) => http://localhost/netbilletterie/fpdf/liste_spectateurs.php?article=*
(200) => http://localhost/netbilletterie/fpdf/liste_spectateurs_attente.php?article=*
################################################################