[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SmartCMS v.2 SQL injection vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: SmartCMS v.2 SQL injection vulnerability
From: Maciej Gojny <vuln@xxxxxxxxxxxxxxxxxx>
Date: Tue, 4 May 2010 23:59:41 +0200

============ { Ariko-Security - Advisory #1/5/2010 } =============

       SQL injection vulnerability in SmartCMS v.2



Vendor's Description of Software:
# http://www.smartwebsites.com.cy/index.php?pageid=13&lang=en

Dork:
# n/a

Application Info:
# Name: SmartCMS
# Versions: V.2

Vulnerability Info:
# Type: SQL injection Vulnerability
# Risk: medium

Fix: 
# N/A

Time Table:
# 22/04/2010 - Vendor notified.


Input passed via the "pageid" ,"lang" parameters to index.php is not 

properly sanitised before being used in a SQL query.

Solution:
# Input validation of "pageid","lang" parameters should be corrected.


Vulnerability:
# http://[site]/index.php?pageid=[SQLi]&lang=[SQLi]

Credit:
# Discoverd By: MG
#Advisory:
http://www.ariko-security.com/apr2010/audyt_bezpieczenstwa_652.html
# Website: http://Ariko-security.com
# Contacts: support[-at-]ariko-security.com


Ariko-Security
Maciej Gojny
vuln@xxxxxxxxxxxxxxxxxx
tel.: +48512946012 (Mo-Fr 10.00-20.00 CET)

Prev by Date: [security bulletin] HPSBMA02400 SSRT080144 rev.4 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
Next by Date: Vulnerabilities in t3m_cumulus_tagcloud for TYPO3
Previous by thread: [security bulletin] HPSBMA02400 SSRT080144 rev.4 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
Next by thread: Vulnerabilities in t3m_cumulus_tagcloud for TYPO3
Index(es):
- Date
- Thread