TinX CMS rss.php Module SQL Injection Vulnerability

Vulnerability ID: 1117447    Type: SQL injection
Published: 2009-03-06    Updated: 2009-03-06
CVE: CVE-2009-0825    CNNVD ID: CNNVD-200903-176
Platform: PHP    CVSS score: 7.5
|Sources
https://www.exploit-db.com/exploits/32843
https://www.securityfocus.com/bid/34021
https://cxsecurity.com/issue/WLB-2009030159
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200903-176
|Vulnerability details
TinX/cms is an open-source content management system written in PHP/MySQL. TinX/cms 3.x versions prior to 3.5.1 contain a SQL injection vulnerability in system/rss.php: the id parameter is placed into a database query without adequate sanitization, which allows remote attackers to execute SQL injection attacks via that parameter.
|Exploit (EXP)
source: http://www.securityfocus.com/bid/34021/info

TinX CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Versions prior to TinX CMS 3.5.1 are vulnerable.

http://www.example.com/system/rss.php?id=1'SQL-code
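The flaw described above, as an added illustration: this is hypothetical code, not TinX/cms's own rss.php (which the record does not reproduce). It assumes a MySQL table `news` with an integer `id` column and mysqli with mysqlnd; the vulnerable handler splices the raw id value into the query text, while the hardened one validates the type and binds it as a parameter.

```php
<?php
// Added illustration of the rss.php id-parameter flaw: hypothetical code,
// not TinX/cms source. Assumes a MySQL table `news` with an integer `id`
// column and the mysqli extension with mysqlnd (needed for get_result()).

$db = new mysqli('localhost', 'dbuser', 'dbpass', 'tinxcms');
if ($db->connect_error) {
    http_response_code(500);
    exit('database unavailable');
}

// Vulnerable pattern: the raw query-string value is spliced into the SQL
// text, so a value such as 1' closes the string literal early and whatever
// follows it is parsed as SQL. This is the shape of the bug the record reports.
function rss_items_vulnerable(mysqli $db, string $id): array
{
    $sql = "SELECT title, link, pubdate FROM news WHERE id = '$id'";
    $res = $db->query($sql);
    return $res ? $res->fetch_all(MYSQLI_ASSOC) : [];
}

// Hardened version: reject anything that is not a positive integer, then bind
// the value as a typed parameter so it can never alter the query's structure.
function rss_items_hardened(mysqli $db, string $id): array
{
    $clean = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($clean === false) {
        http_response_code(400);
        return [];
    }
    $stmt = $db->prepare('SELECT title, link, pubdate FROM news WHERE id = ?');
    $stmt->bind_param('i', $clean);
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}

// Emit the feed using only the hardened lookup; field values are escaped
// for XML so database content cannot break the document either.
header('Content-Type: application/rss+xml; charset=utf-8');
echo '<?xml version="1.0"?>' . "\n" . '<rss version="2.0"><channel>' . "\n";
foreach (rss_items_hardened($db, $_GET['id'] ?? '') as $item) {
    printf("<item><title>%s</title><link>%s</link><pubDate>%s</pubDate></item>\n",
        htmlspecialchars($item['title'], ENT_XML1),
        htmlspecialchars($item['link'], ENT_XML1),
        htmlspecialchars($item['pubdate'], ENT_XML1));
}
echo "</channel></rss>\n";
```

With the hardened handler, a request carrying the record's test value (`id=1'`) is answered with HTTP 400 and never reaches the database, which is also the condition a web-application log review can key on.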
|Affected products
TinX/cms 3.5
|References

Source: BID
Name: 34021
Link: http://www.securityfocus.com/bid/34021
Source: sourceforge.net
Link: http://sourceforge.net/project/showfiles.php?group_id=133415
Source: XF
Name: tinxcms-rss-sql-injection(49115)
Link: http://xforce.iss.net/xforce/xfdb/49115
Source: BUGTRAQ
Name: 20090306 [Positive Technologies SA:2009-13] TinX CMS 3.x SQL Injection Vulnerability
Link: http://www.securityfocus.com/archive/1/archive/1/501547/100/0/threaded
Source: sourceforge.net
Link: http://sourceforge.net/project/shownotes.php?group_id=133415&release_id=658540
Source: SECUNIA
Name: 34178
Link: http://secunia.com/advisories/34178
Source: MISC
Link: http://en.securitylab.ru/lab/PT-2009-13