WhiteBoard 0.1.30 Multiple Blind SQL Injection Vulnerabilities

 Name              WhiteBoard
 Vendor            http://sarosoftware.com
 Versions Affected 0.1.30

 Author            Salvatore Fresta aka Drosophila
 Website           http://www.salvatorefresta.net
 Contact           salvatorefresta [at] gmail [dot] com
 Date              2010-07-24

iScripts SocialWare 2.2.x Multiple Remote Vulnerability

Summary:

 A) Multiple Arbitrary File Upload
 B) Multiple SQL Injection
 C) Multiple Blind SQL Injection
 D) Multiple Reflected and Stored XSS
 E) Information Disclosure
 

A) Multiple Arbitrary File Upload

JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities

_____________

Summary:

 A) Local File Inclusion
 B) Multiple Blind SQL Injection
 

A) Local File Inclusion
_______________________


MyCart 2.0 Multiple Remote Vulnerabilities

Summary:

 A) Multiple Remote Command Execution
 B) Multiple SQL Injection
 C) Multiple Blind SQL Injection
 D) XSS
 

A) Multiple Remote Command Execution
____________________________________

T-HTB Manager Multiple Blind SQL Injection

[+] Application: T-HTB Manager
[+] Version: 0.5
[+] Website: http://sourceforge.net/apps/mediawiki/t-htbmanager/index.php?title=Main_Page

[+] Bugs: [A] Multiple Blind SQL Injection

[+] Exploitation: Remote
[+] Date: 10 Sep 2009

[+] Discovered by: Salvatore Fresta aka drosophila

Spielothek 1.6.9 Joomla Component Multiple Blind SQL Injection

 Name              Spielothek
 Vendor            http://www.spielban.de
 Versions Affected 1.6.9

 Author            Salvatore Fresta aka Drosophila
 Website           http://www.salvatorefresta.net
 Contact           salvatorefresta [at] gmail [dot] com
 Date              2010-07-31

Teams 1_1028_100809_1711 Joomla Component Multiple Blind SQL Injection Vulnerabilities

 Name              Teams
 Vendor            http://www.joomlamo.com
 Versions Affected 1_1028_100809_1711

 Author            Salvatore Fresta aka Drosophila
 Website           http://www.salvatorefresta.net
 Contact           salvatorefresta [at] gmail [dot] com
 Date              2010-08-10

PBBooking 1.0.4_3 Joomla Component Multiple Blind SQL Injection

 Name              PBBooking
 Vendor            http://sourceforge.net/projects/pbbooking/
 Versions Affected 1.0.4_3

 Author            Salvatore Fresta aka Drosophila
 Website           http://www.salvatorefresta.net
 Contact           salvatorefresta [at] gmail [dot] com
 Date              2010-07-29

Amblog 1.0 Joomla Component Multiple SQL Injection Vulnerabilities

_____________

Summary:

 A) Multiple SQL Injection
 B) Multiple Blind SQL Injection
 

A) Multiple SQL Injection
_________________________


PhotoMap Gallery 1.6.0 Joomla Component Multiple Blind SQL Injection

 Name              PhotoMap Gallery
 Vendor            http://photoindochina.com
 Versions Affected 1.6.0

 Author            Salvatore Fresta aka Drosophila
 Website           http://www.salvatorefresta.net
 Contact           salvatorefresta [at] gmail [dot] com
 Date              2010-07-28

AdaptBB 1.0 Beta Multiple Remote Vulnerabilities

[+] Application: AdaptBB
[+] Version: 1.0 Beta
[+] Website: http://sourceforge.net/projects/adaptbb/

[+] Bugs: [A] Multiple Blind SQL Injection
          [B] Multiple Dynamic Code Execution
          [C] Arbitrary File Upload

[+] Exploitation: Remote
[+] Date: 09 Apr 2009

Biblioteca 1.0 Beta Joomla Component Multiple SQL Injection Vulnerabilities

III. ANALYSIS
_____________

Summary:

 A) Multiple Blind SQL Injection
 B) Multiple SQL Injection
 

A) Multiple Blind SQL Injection
_______________________________

Family Connections <= 2.1.3 Multiple Remote Vulnerabilities

III. ANALYSIS

Summary:

 A) Multiple Blind SQL Injection
 B) Multiple Arbitrary File Upload
 C) Local File Inclusion

A) Blind SQL Injection


Canteen Joomla Component 1.0 Multiple Remote Vulnerabilities

III. ANALYSIS

Summary:

 A) Local File Inclusion
 B) Multiple Blind SQL Injection
 

A) Local File Inclusion

The controller parameter in canteen.php is not sanitised

Joomla Component Clantools version 1.2.3 Multiple Blind SQL Injection Vulnerabilities

# Exploit Title: Joomla Component Clantools version 1.2.3 Multiple Blind SQL Injection Vulnerabilities
# Date: 05.09.2010
# Author: Stephan Sattler // Solidmedia
# Software Link: http://www.joomla-clantools.de/downloads/doc_download/7-clantools-123.html
# Version: 1.2.3


[ Vulnerability 1 ]

http://www.site.com/joomlapath/index.php?option=com_clantools&squad=1+[Blind SQL]

[DSECRG-09-037] abk-soft AbleSpace CMS 1.0 - Multiple security vulnerabilities

Digital Security Research Group [DSecRG] Advisory       #DSECRG-09-037

Application:                    AbleSpace
Versions Affected:              1.0
Vendor URL:                     http://abk-soft.com/
Bugs:                           Multiple Blind SQL Injections, Multiple XSS
Exploits:                       YES
Reported:                       18.03.2009
Vendor Response:                NONE
Secondly Reported:              29.03.2009
Solution:                       NONE

Multiple vulnerabilities in RUNCMS 1.6 by DSecRG

Details
*******


1. Multiple Blind SQL Injection

Attacker can inject SQL code in modules:

        http://[server]/[installdir]/modules/mydownloads/brokenfile.php?lid+DSecRG_INJECTION
        http://[server]/[installdir]/modules/mydownloads/visit.php?lid=2+DSecRG_INJECTION


