Mafia Moblog Full Path Disclosure / SQL injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1053209 漏洞类型
发布时间 2006-06-13 更新时间 2006-06-13
CVE编号 CVE-2006-2978
漏洞平台 N/A CVSS评分 N/A
Produce : Mafia Moblog

WebSite :

Version : 6 Full and Prior

Discovred By :Moroccan Security Research Team (Simo64)

IMPACT  : Manipulation of data, System access

[+] Full Path Disclosure :

The problem is that it is possible to disclose the full path to 'big.php','upgrade.php' by accessing directly.



Result :

Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result resource in /home/simo64/www/moblog/templates/match plus/big.php on line 54

[+] SQL Injection :

Input passed to 'img' parameters in 'big.php' is not properly sanitised

before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

[-] Vulnerable Code in 'templates/match plus/big.php' :


52  $query = "SELECT * FROM $table WHERE id=$img";

53  $result = mysql_query($query);

54  $row = mysql_fetch_row($result);


[-] Exploit : http://localhost//moblog/big.php?img=[SQL]&pg=1

[+]Contact : Simo64 (at) gmail (dot) com [email concealed] [Moroccan Security Team]