by r0t,der4444,cembo,VietMafia

Friday, November 18, 2005

eazyCMS "page_id" SQL Injection Vulnerability


Author: r0t (hackers.by.lv)
Date: 18 Nov. 2005
Software: eazyCMS v2
Vendor: http://www.eazycms.com/home.php?page_id=2

Software Description:

eazyCMS offers the functionality that would, in a custom-made system, cost thousands or tens of thousands - and it's all available online through your browser - there is absolutely no software to install!
eazyCMS offers a user-friendly WYSIWYG (What You See Is What You Get) page editor, so that you can see at-a-glance exactly how your pages will look when they appear on your site.
There are plenty of functions for maintaining your site: You can create, copy, move and delete pages – You can start simple, using the eazy to use controls, then move on to the more advanced controls as and when you need to.

Vuln. Description:

Input passed to the "page_id" parameter in "home.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.


Solution:
Edit the source code to ensure that input is properly sanitised.
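
One way to apply this fix, shown as an added example that is not eazyCMS source code and not part of the original advisory: validate "page_id" as a positive integer, then pass it to the query as a bound parameter. The `pages` table, its columns, and the function names are assumptions, and an in-memory SQLite database with constructed rows stands in for the real backend.

```php
<?php
// Added example: hypothetical page lookup, not eazyCMS source code.
// Table and column names (pages, id, title) are assumptions.

function parse_page_id($raw): ?int
{
    // Accept only a positive decimal integer. Arrays (page_id[]=2),
    // empty strings, negatives and trailing text all fail validation.
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

function fetch_page(PDO $db, $rawPageId): ?array
{
    $id = parse_page_id($rawPageId);
    if ($id === null) {
        return null; // caller should answer with a 400 or 404
    }
    // Bound parameter: the value is never spliced into the SQL text.
    $stmt = $db->prepare('SELECT id, title FROM pages WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO pages (id, title) VALUES (1, 'Home'), (2, 'About')");

// Constructed inputs standing in for $_GET['page_id'].
foreach (['2', '2 OR 1=1', '', '-5', ['2'], '99'] as $raw) {
    $page = fetch_page($db, $raw);
    printf("%s => %s\n", json_encode($raw), $page ? $page['title'] : 'rejected or not found');
}
```

Only the first input returns a page; the validation step rejects the malformed values before any query runs, and the bound parameter keeps the query text fixed even if validation is later relaxed.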

Copyright (c) 2006 Pridels Sec Crew