PicoPublisher 2.0 SQL Injection

2012-03-29T00:00:00
ID PACKETSTORM:111274
Type packetstorm
Reporter ZeTH
Modified 2012-03-29T00:00:00

Description

                                        
                                            `# Exploit Title : PicoPublisher v2.0 Remote SQL injection  
# Date : 29/03/2012  
# Author : ZeTH  
# Contact : zeth/at/hacktheplan8/dot/com http://www.hacktheplan8.com  
# Vendor : Pico Software   
# Site : http://pico.no/  
# Version : 2.0  
# Price : $29,00  
# Demo : http://picopublisher.com/demo/  
# Dork : intext:"Drives med PicoPublisher"  
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::  
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::  
--[1]-- Introduction  
PicoPublisher business software  
PicoPublisher is a product from Pico Software  
  
[Manage your website]  
  
PicoPublisher makes it easy to manage your website. With the built in   
templates you can add columns, slideshows, tabs, boxes and videos   
directly from the text editor.  
  
[Manage your customers]  
  
CRM systems are often too expensive for small businesses. With   
PicoPublisher you can manage your customers just as easy as your   
website. And at the same place!  
  
[Create invoices]  
  
Create professional PDF invoices in seconds. Add products to the   
database and insert products to the invoice directly. You will get  
notifications when invoices are overdue.  
  
  
--[2]-- Vulnerability  
Files :  
[+] page.php  
[+] single.php  
  
Attack Method : Remote SQL injection  
  
POC :  
[+] http://site/page.php?id=SQLi  
[+] http://site/single.php?id=SQLi  
  
Tables :  
  
+-------------------+  
| customers  
| expenses  
| gallery_category  
| gallery_photos  
| invoice_reminders  
| invoices  
| invoices_product  
| menu_items  
| menus  
| notes  
| options  
| orders  
| orders_product  
| pages  
| pico_comments  
| pico_config  
| pico_karma_voted  
| posts  
| product_list  
| users  
+-------------------+  
  
--[3]-- Greetz  
hacktheplan8 [hellcome to new friends kasp3r, Pitung]  
MainHack Brotherhood, Kecoak Elektronik, Echo  
packetstormsecurity, exploit-db, 1337day  
Paman, Vrs-hCk, OoN_BoY, em|nem, [S]hiro, Martin, xshadow, ElDiablo,   
Furkan, pizzyroot, H312Y  
`