CVE-2010-2721
Description
SQL injection vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers to execute arbitrary SQL commands via the artist_id parameter in an addalbum action.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
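The description above names the artist_id parameter of the addalbum action as the injection point. The block below is an added illustration, not RightInPoint's index.php or a vendor patch: it assumes a hypothetical artists table and shows the two defensive layers a maintainer would apply to that parameter, a strict integer whitelist before any SQL is built and a bound parameter in the query itself.

```php
<?php
// Added example, not the vendor's code: hardening the artist_id parameter of
// the addalbum action. The artists table and its columns are assumptions; the
// real schema is not on this page.

function parse_artist_id($raw): ?int
{
    // Whitelist: a plain positive integer and nothing else. Arrays, quotes,
    // comments, spaces or keywords never reach the database layer.
    if (!is_string($raw) || !preg_match('/^[1-9][0-9]{0,9}$/', $raw)) {
        return null;
    }
    return (int) $raw;
}

function add_album(PDO $db, array $get): array
{
    $artistId = parse_artist_id($get['artist_id'] ?? null);
    if ($artistId === null) {
        return ['status' => 400, 'error' => 'artist_id must be a positive integer'];
    }
    // Second layer: the value is bound as an integer, never concatenated into
    // the SQL text, so a validation bypass still could not alter the query.
    $stmt = $db->prepare('SELECT id, name FROM artists WHERE id = :id');
    $stmt->bindValue(':id', $artistId, PDO::PARAM_INT);
    $stmt->execute();
    $artist = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($artist === false) {
        return ['status' => 404, 'error' => 'unknown artist'];
    }
    return ['status' => 200, 'artist' => $artist];
}

// Constructed in-memory SQLite fixture so the example runs stand-alone.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE artists (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO artists VALUES (7, 'Example Artist')");

var_dump(add_album($db, ['artist_id' => '7']));         // status 200, row returned
var_dump(add_album($db, ['artist_id' => '7 OR 1=1']));  // status 400, no query executed
var_dump(add_album($db, ['artist_id' => '9999']));      // status 404, no such artist
```

Casting with intval() alone would silently accept "7 OR 1=1" as 7; the regex rejects it outright, which is also the condition a WAF or log rule should alert on for this endpoint.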
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
Lyrics 3.0 - Engine SQL Injection
##########################################
I'm Sid3^effects member from Inj3ct0r Team
##########################################
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-
Name : Lyrics V3 engine SQLi Vulnerability
Date : July 6, 2010
Critical Level : HIGH
Vendor URL : http://rightinpoint.com/
Price : $99
Author : Sid3^effects aKa HaRi <shell_c99[at]yahoo.com>
special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger_
greetz to :www.topsecure.net ,All ICW members and my friends :) luv y0 guyz
#######################################################################################################
Description :
Key Features
* SEO friendly engine - all URLs look like static HTML files
* Huge database - 128521 lyrics, 8561 albums, 2076 artists, 6429 album covers
* New [add-on] Ability to upgrade the database to more than 380k lyrics, 20k artists, 30k albums.
* New [add-on] Custom skins - we may create a custom skin for you or you may buy one of our predefined skins
#######################################################################################################
Xploit : SQLi Vulnerability
DEMO URL : http://server/index.php?new_a=addalbum&artist_id=[sqli]
###############################################################################################################
# 0day no more
# Sid3^effects
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| rightinpoint | lyrics_engine | 3.0 | |
References
- http://osvdb.org/66033
- http://packetstormsecurity.org/1007-exploits/lyrics-sql.txt
- http://secunia.com/advisories/40438
- http://www.exploit-db.com/exploits/14244
- http://www.securityfocus.com/bid/41394
- http://www.vupen.com/english/advisories/2010/1741
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60118
CWEs
CWE-89