Minerva Infotech CMS 1.0 Blind SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1047645 漏洞类型
发布时间 2012-04-12 更新时间 2012-04-12
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2012040104
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
Exploit Title: Minerva infotech CMS Blind SQL injection Vulnerability
Date: 07/04/2012
Author: Andrea Bocchetti
Url : http://www.minervait.com/cms-demo/
CMS : Minerva infotech CMS
VERSION : 1.0
Category: webapps

Info : Minerva infotech CMS 1.0 is used to create, edit, manage, and
publish content in a consistently organized fashion. CMS are used for
storing, controlling, versioning and publishing industry-specific
documentation such as news, articles, operators' manuals, technical
manuals, sales guides and marketing brochures. The content management
may include computer files, image media, audio files, video files,
electronic documents and web content. Minerva Infotech CMS 1.0 is very
user friendly and easy to use CMS.

Minerva Infotech CMS 1.0 is the easiest way to control the content of
the website and the website owner can easily change their contents.
General user with basic knowledge can control their website easily.
CMS 1.0 user guide will help user to understand each and every aspect
of the CMS panel.


Exploit : http://www.host.com/path/content.php?ID=X ' <- BLIND SQL INJECTION