Full Disclosure mailing list archives
Creative Zone - (id) Remote SQL Injection Vulnerability
From: Vulnerability Lab <research () vulnerability-lab com>
Date: Thu, 7 May 2020 09:33:04 +0200
Document Title: =============== Creative Zone - (id) Remote SQL Injection Vulnerability References (Source): ==================== https://www.vulnerability-lab.com/get_content.php?id=2250 Common Vulnerability Scoring System: ==================================== 7.5 Product & Service Introduction: =============================== http://www.soccerexporter.com Vulnerability Disclosure Timeline: ================================== 2020-05-07: Public Disclosure (Vulnerability Laboratory) Technical Details & Description: ================================ A remote sql-injection vulnerability has been discovered in the official creative zone web-application. The vulnerability allows remote attackers to inject or execute own sql commands to compromise the dbms or file system of the application. The remote sql injection web vulnerability is located in the id parameter of the about.php panel file. Remote attackers are able to inject and execute own malicious sql commands as statement to compromise the local database and affected management system. The request method to inject/execute is GET and the attack vector is client-side. Exploitation of the remote sql injection vulnerability requires no user interaction or privileged web-application user account. Successful exploitation of the remote sql injection results in database management system, web-server and web-application compromise. Request Method(s): [+] GET Vulnerable File(s): [+] about.php Vulnerable Parameter(s): [+] id Proof of Concept (PoC): ======================= The remote sql-injection web vulnerability can be exploited by remote attackers without user account or user interaction action. For security demonstration or to reproduce the sql injection vulnerability follow the provided information and steps below to continue. PoC: Exploitation |[+] Demo: http://localhost:8080/about.php?id=[x]'[SQL-INJECTION!]-- Reference(s): Creative Zone http://www.soccerexporter.com/about.php?id=[x]'[SQL-INJECTION!]-- https://www.wildearthnepal.com/about.php?id=[x]'[SQL-INJECTION!]-- https://www.kindyrooindonesia.com/about.php?id=[x]'[SQL-INJECTION!]-- Credits & Authors: ================== Bl4ck M4n - https://www.vulnerability-lab.com/show.php?user=Bl4ck+M4n -- VULNERABILITY LABORATORY - RESEARCH TEAM SERVICE: www.vulnerability-lab.com _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Creative Zone - (id) Remote SQL Injection Vulnerability Vulnerability Lab (May 07)
- <Possible follow-ups>
- Creative Zone - (id) Remote SQL Injection Vulnerability admin () evolution-sec com (May 08)