vendor:
EZCMS
by:
t0pP8uZz
7.5
CVSS
HIGH
Blind SQL Injection & Arbitrary Remote File Manager Access
89
CWE
Product Name: EZCMS
Affected Version From: All versions prior to date
Affected Version To: All versions prior to date
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
EZCMS <= 1.2 Multiple Remote Vulnerabilitys
EZCMS (all versions prior to date) suffers from 2 remote vulnerabilitys. One of these being a BLIND Sql Injection in 'index.php' and the 'page' variable is injectable. The second one being a insecure filemanager, the filemanager is hidden away in admin, the devs probarly thought no one would find it. The Blind SQL Injection can be tested by using http://site.com/index.php?page=1 and 1=1 and http://site.com/index.php?page=1 and 1=2. The Arbitrary Remote File Manager Access can be accessed by using http://site.com/ezcms/admin/filemanager/.
Mitigation:
The Blind SQL Injection can be tested by using http://site.com/index.php?page=1 and 1=1 and http://site.com/index.php?page=1 and 1=2. The Arbitrary Remote File Manager Access can be accessed by using http://site.com/ezcms/admin/filemanager/.