CLscript CMS v3.0 - SQL Injection Vulnerability

2012-05-16T00:00:00
ID 1337DAY-ID-18279
Type zdt
Reporter the_storm
Modified 2012-05-16T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            Title:
======
CLscript CMS v3.0 - Multiple Web Vulnerabilities

Common Vulnerability Scoring System:
====================================
8.6


Introduction:
=============
With the professionally developed Classified-Portal CLscript 3.0 can Visitors post Classifieds and 
use many new Features. The Classifieds Software is search Engine friendly to gain better Promotion 
Aspects at search Engines. The whole Structure is manageable through easy to use AdminPanel.
In developing the Classified Software, we have geared ourselves to the most successful
Classifieds-Sites on the Internet. You can generate real Income from your Classifieds Website.

Manage Categories
Change Category Icons
Manage Sub Categories
Manage Members
Manage Social Network Ads:
- Facebook, Twitter etc. -
Manage FAQ
Manage Forum
Manage Featured Classifieds
Manage Classifieds Enquiry
Spam Protection Management
Manage Banner Requests
Place Banner (Google-Adsense)
under Categories at various Places.
Manage Feedback
Manage Newsletter
Manage SEO
RSS Feeds

(Copy of the vendor Homepage: http://www.clscript.com )

Affected Products:
==================
CLscript COM 
Product: CLscript Classified Software v3.0

Details:
========
1.1
Multiple SQL Injection vulnerabilities are detected in the CLscript v3.0 Content Management System.
The vulnerability allows an attacker (remote) to inject/execute own sql commands on the affected application dbms. 
Successful exploitation of the vulnerability results in dbms, service & application compromise.
The vulnerabilities are located in multiple application files like land pagedetail, userdetail, advertise & enquiry.

Vulnerable Module(s):
				[+] land
				[+] pageDetail
				[+] enquiry_detail
				[+] userDetail
				[+] advertise_detail

Picture(s):
				../1.png
				../2.png
				../3.png
				../4.png


1.2
Multiple persistent input validation vulnerabilities are detected in the CLscript v3.0 Content Management System. 
The bugs allow remote attackers to implement/inject malicious script code on the application side (persistent). 
Successful exploitation of the vulnerability can lead to session hijacking (manager/admin) or stable (persistent) 
context manipulation. Exploitation requires low user inter action & privileged user account. 

Vulnerable Module(s): 
				[+] Topic  (title - description)
				[+] New word (word is injectible)
				[+] Subcategory (category name)
				[+] Add a new help
				[+] Add currency (Symbol - Currency code)
				[+] Add new FAQ (Question)

Risk:
=====
1.1
The security risk of the sql injection vulnerabilities are estimated as critical.

1.2
The security risk of the persistent input validation vulnerabilities are estimated as medium(+).



#  0day.today [2018-01-09]  #