Arcadem 2.01 Remote SQL Injection / RFI Vulnerabilties

ID 1337DAY-ID-2089
Type zdt
Reporter SmOk3
Modified 2007-08-27T00:00:00


Exploit for unknown platform in category web applications

Arcadem 2.01 Remote SQL Injection / RFI Vulnerabilties

Arcadem Remote File Inclusion Flaw / SQL Injection

Software: Arcadem 2.01
Vendor link:
Attack: Remote File Inclusion / SQL Injection

Discovered by: David Sopas Ferreira a.k.a SmOk3 

Google dork:"Powered by AMCMS3"

Remote File Inclusion
It is possible for a remote attacker to include a file from local or
remote resources and/or execute arbitrary script code with the
privileges of the webserver.

Proof of Concept:



Edit the source code to ensure that input is properly validated. Where
is possible, it is recommended to make a list of accepted filenames
and restrict the input to that list.

For PHP, the option allow_url_fopen would normally allow a programmer
to open, include or otherwise use a remote file using a URL rather
than a local file path. It is recommended to disable this option from

SQL Injection
An attacker may execute arbitrary SQL statements on the vulnerable
system. This may compromise the integrity of your database and/or
expose sensitive information.

Proof of Concept:

%3Fblockpage%3D1%26cat%3D&cat=[SQL Injection]


Your script should filter metacharacters from user input.

Vendor was contacted by email and didn't not replied.

# [2018-03-20]  #