| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1e170aa0-53ea-a0c0-4f3c-292186823c99@vulnerability-lab.com> Date: Thu, 7 May 2020 09:33:04 +0200 From: Vulnerability Lab <research@...nerability-lab.com> To: fulldisclosure@...lists.org Subject: [FD] Creative Zone - (id) Remote SQL Injection Vulnerability Document Title: =============== Creative Zone - (id) Remote SQL Injection Vulnerability References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2250 Common Vulnerability Scoring System: ==================================== 7.5 Product & Service Introduction: =============================== http://www.soccerexporter.com Vulnerability Disclosure Timeline: ================================== 2020-05-07: Public Disclosure (Vulnerability Laboratory) Technical Details & Description: ================================ A remote sql-injection vulnerability has been discovered in the official creative zone web-application. The vulnerability allows remote attackers to inject or execute own sql commands to compromise the dbms or file system of the application. The remote sql injection web vulnerability is located in the id parameter of the about.php panel file. Remote attackers are able to inject and execute own malicious sql commands as statement to compromise the local database and affected management system. The request method to inject/execute is GET and the attack vector is client-side. Exploitation of the remote sql injection vulnerability requires no user interaction or privileged web-application user account. Successful exploitation of the remote sql injection results in database management system, web-server and web-application compromise. Request Method(s): [+] GET Vulnerable File(s): [+] about.php Vulnerable Parameter(s): [+] id Proof of Concept (PoC): ======================= The remote sql-injection web vulnerability can be exploited by remote attackers without user account or user interaction action. For security demonstration or to reproduce the sql injection vulnerability follow the provided information and steps below to continue. PoC: Exploitation |[+] Demo: http://localhost:8080/about.php?id=[x]'[SQL-INJECTION!]-- Reference(s): Creative Zone http://www.soccerexporter.com/about.php?id=[x]'[SQL-INJECTION!]-- https://www.wildearthnepal.com/about.php?id=[x]'[SQL-INJECTION!]-- https://www.kindyrooindonesia.com/about.php?id=[x]'[SQL-INJECTION!]-- Credits & Authors: ================== Bl4ck M4n - https://www.vulnerability-lab.com/show.php?user=Bl4ck+M4n -- VULNERABILITY LABORATORY - RESEARCH TEAM SERVICE: www.vulnerability-lab.com _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists