SelfComposer CMS html injection and remote SQL injection

2010.05.17

Credit: CoBRa_21

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

*==== =={ Advisory 14/5/2010 } ======*
*SQL injection vulnerability in SelfComposer CMS
*
*Vendor's Description of Software:*
*# http://www.selfcomposer.it*
*Dork:*
*allinurl:"prodotti.asp?idpadrerif="*
*Application Info:*
*Name: *SelfComposer
*Vulnerability Info:*
*Type: *SQL injection Vulnerability
*Risk: High*
*Fix:*
*N/A*
*Time Table:*
*06/05/2010 - Vendor notified.*
*Additional Info:*
All the input passed via "idprod", "idpadrerif", "idreferenza",
"idpadrerifIstituzionali"
is not properly sanitised before being used in a sql query.
*Solution:*
Input validation of "idprod", "idpadrerif", "idreferenza",
"idpadrerifIstituzionali"
parameters should be corrected.
*Vulnerability:*
# http://[site]/scheda.asp?idprod=[SQLi]&idpadrerif=[SQLi]
# http://[site]/schedaistituzionale.asp?idreferenza=[SQLi]&idpadrerifIstituzionali=[SQLi]
*Credit:*
Discoverd By: Locu
Website: http://xlocux.wordpress.com
Contacts: xlocux[-at-]gmail.com
*============ {EOF} =============*

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

SelfComposer CMS html injection and remote SQL injection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.