SQL Injection Vulnerability in SyntaxCMS

2010-07-27T00:00:00
ID HTB22540
Type htbridge
Reporter High-Tech Bridge
Modified 2010-07-27T00:00:00

Description

High-Tech Bridge SA Security Research Lab has discovered vulnerability in SyntaxCMS which could be exploited to execute arbitrary SQL commands in application`s database.

1) SQL injection vulnerability in SyntaxCMS
An input validation error exists in the "rows_per_page" parameter in /content/general/browse/. A remote attacker can send a specially crafted HTTP GET request to the vulnerable script and execute arbitrary SQL commands in application`s database. Successful exploitation may allow an attacker to read, modify, add or delete arbitrary data.
Exploitation example:
http://host/content/general/browse/?x=37&y=15&rows_per_page=10+ANY_SQL+--+&p age=2