header-logo
Suggest Exploit
vendor:
SugarSales
by:
7.5
CVSS
HIGH
SQL Injection, Directory Traversal, Remote Denial of Service, Information Disclosure
89, 22, 200
CWE
Product Name: SugarSales
Affected Version From: Prior to 2.0.1a
Affected Version To: Current versions
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Multiple vulnerabilities in SugarSales

SugarSales is affected by multiple vulnerabilities including an SQL injection vulnerability, a directory traversal vulnerability, and a remote denial of service and information disclosure vulnerability. The SQL injection vulnerability is caused by a lack of input validation, allowing attackers to inject malicious SQL queries. The directory traversal vulnerability is also due to a lack of input validation, enabling attackers to access files outside the intended directory. The remote denial of service and information disclosure vulnerability allows attackers to access sensitive information and cause a denial of service. To exploit these vulnerabilities, an attacker can log into SugarSales using the username 'admin' or '1=1 --' with any password. Additionally, sensitive files can be disclosed by accessing specific URLs.

Mitigation:

To mitigate these vulnerabilities, it is recommended to update SugarSales to version 2.0.1a or later. Additionally, input validation should be implemented to prevent SQL injection and directory traversal attacks. Access to sensitive files should be restricted.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11896/info

Multiple remote vulnerabilities are reported to exist in SugarSales.

The first reported issue is an SQL injection vulnerability. This vulnerability is due to a lack of proper input-validation by the application, prior to utilizing attacker-supplied data in and SQL query.

This vulnerability is reported to exist in versions prior to 2.0.1a.

The next issue is reportedly a directory traversal vulnerability. This vulnerability is also due to a lack of proper input-validation by the application.

The last reported issue is a remote denial of service and information disclosure vulnerability.

The directory traversal and installation script vulnerabilities reportedly exist in all current versions of SugarSales.

To log into SugarSales, utilize the username "admin' or 1=1 -- " with any password.

To disclose the contents of potentially sensitive files:
http://www.example.com/sugarcrm/modules/Users/Login.php?theme=/../../../etc/hosts%00
http://www.example.com/sugarcrm/modules/Calls/index.php?theme=/../../../etc/hosts%00

Navigation

Suggest Exploit

Services By CQR