phpCheckZ 1.1.0 Blind SQL Injection Vulnerability

2010-10-20T00:00:00

Description

Exploit for php platform in category web applications

{"id": "1337DAY-ID-14522", "type": "zdt", "bulletinFamily": "exploit", "title": "phpCheckZ 1.1.0 Blind SQL Injection Vulnerability", "description": "Exploit for php platform in category web applications", "published": "2010-10-20T00:00:00", "modified": "2010-10-20T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://0day.today/exploit/description/14522", "reporter": "Salvatore Fresta", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2018-02-15T19:09:52", "viewCount": 4, "enchantments": {"score": {"value": 0.1, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.1}, "sourceHref": "https://0day.today/exploit/14522", "sourceData": "=================================================\r\nphpCheckZ 1.1.0 Blind SQL Injection Vulnerability\r\n=================================================\r\n\r\nName phpCheckZ\r\n Vendor http://www.phpcheckz.com\r\n Versions Affected 1.1.0\r\n \r\n Author Salvatore Fresta aka Drosophila\r\n Website http://www.salvatorefresta.net\r\n Contact salvatorefresta [at] gmail [dot] com\r\n Date 2010-10-19\r\n \r\nX. INDEX\r\n \r\n I. ABOUT THE APPLICATION\r\n II. DESCRIPTION\r\n III. ANALYSIS\r\n IV. SAMPLE CODE\r\n V. FIX\r\n \r\n \r\nI. ABOUT THE APPLICATION\r\n________________________\r\n \r\nphpCheckZ is a web application that allows you to easily\r\ncreate checklists for your website.\r\n \r\n \r\nII. DESCRIPTION\r\n_______________\r\n \r\nA parameter is not properly sanitised before being used\r\nin a SQL query.\r\n \r\n \r\nIII. ANALYSIS\r\n_____________\r\n \r\nSummary:\r\n \r\n A) Blind SQL Injection\r\n \r\n \r\nA) Blind SQL Injection\r\n______________________\r\n \r\nThe parameters id in chart.php is not properly sanitised\r\nbefore being used in a SQL query. This can be exploited\r\nto manipulate SQL queries by injecting arbitrary SQL code.\r\n \r\nSuccessful exploitation requires that \"magic_quotes_gpc\"\r\nis disabled.\r\n \r\n \r\nIV. SAMPLE CODE\r\n_______________\r\n \r\nA) Blind SQL Injection\r\n \r\nhttp://site/path/chart.php?id=1' AND '1'='1\r\nhttp://site/path/chart.php?id=1' AND '1'='0\r\n \r\n \r\nV. FIX\r\n______\r\n \r\nNo fix.\r\n\r\n\n\n# 0day.today [2018-02-15] #", "_state": {"dependencies": 1647796702}}