Source: High-Tech Bridge (htbridge), advisory ID HTB22444
Published: Jun 14, 2010 - 12:00 a.m.

SQL Injection Vulnerability in TomatoCMS

High-Tech Bridge
www.htbridge.com

EPSS: 0.002 (Low), percentile 61.1%

High-Tech Bridge SA Security Research Lab has discovered a vulnerability in TomatoCMS which could be exploited to execute arbitrary SQL commands in the application's database.

  1. SQL injection vulnerability in TomatoCMS
    An input validation error exists in the “q” parameter in /news/search. A remote attacker can send a specially crafted HTTP GET request to the vulnerable script and execute arbitrary SQL commands in the application's database. Successful exploitation may allow an attacker to read, modify, add or delete arbitrary data.
    Exploitation example:
    http://host/news/search?q=sdf"+ANY_SQL_HERE
    The same vulnerability was found by Secunia Research (CVE-2010-1994) in version 2.0.4 and fixed, according to the vendor, in 2.0.5, but it reappeared in version 2.0.6. See the Secunia advisory for details:
    http://secunia.com/secunia_research/2010-56
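Because the flaw was fixed and then reappeared, a regression check on the search parameter is the useful control. The following is an added example, not TomatoCMS code: it uses Python's sqlite3 in place of the application's own stack, and the table, sample rows and function names are assumptions made for illustration. SQLite string literals use single quotes, so the probe set includes a single quote alongside the double quote shown in the advisory.

```python
import sqlite3

def make_db():
    # Constructed sample data standing in for a news table (not TomatoCMS's schema).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT, published INTEGER)")
    conn.executemany(
        "INSERT INTO news (title, published) VALUES (?, ?)",
        [("sdf release notes", 1), ("Weekly digest", 1), ("Unpublished draft", 0)],
    )
    return conn

def search_concat(conn, q):
    # Pattern the advisory describes: q is pasted into the SQL text, so a quote
    # character in q ends the string literal and the remainder is parsed as SQL.
    sql = "SELECT title FROM news WHERE published = 1 AND title LIKE '%" + q + "%'"
    return [row[0] for row in conn.execute(sql)]

def search_bound(conn, q):
    # q travels as a bound parameter and is never parsed as SQL. LIKE wildcards
    # in q are escaped so the value is matched literally.
    escaped = q.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    sql = "SELECT title FROM news WHERE published = 1 AND title LIKE ? ESCAPE '\\'"
    return [row[0] for row in conn.execute(sql, ("%" + escaped + "%",))]

def quote_is_data(search, conn):
    # Regression check for the q parameter: quote characters must be treated as
    # search text (no match, no SQL error), and a normal search must still work.
    for probe in ["sdf'", 'sdf"']:
        try:
            if search(conn, probe) != []:
                return False
        except sqlite3.Error:
            return False  # the database tried to parse the quote as SQL syntax
    return search(conn, "sdf") == ["sdf release notes"]

if __name__ == "__main__":
    db = make_db()
    print("concatenated query passes:", quote_is_data(search_concat, db))
    print("bound query passes:", quote_is_data(search_bound, db))
```

Running a check of this kind against the real search handler on every release would flag the reintroduction described for 2.0.6.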
Affected software (CPE):
Name       Operator  Version
tomatocms  le        2.0.6
