by r0t, der4444, cembo, VietMafia

Tuesday, November 15, 2005

OnContent//CMS "pid" SQL Injection Vulnerability

author: r0t (hackers.by.lv)
date: 15 Nov. 2005

software developer:
http://www.antharia.com/content/index.php?pid=257

product description:
Antharia specializes in working with issue-based, advocacy-oriented nonprofits, associations, and conscious corporations. With your specific needs in mind, we have developed our OnContent™ CMS solution. With the power of our Open-Source solutions, we are able to offer you a core suite of products that will allow you to create, edit, and publish content on the Web. OnContent™ CMS features a number of standard modules and can be customized to meet your organization’s specific needs.

* OnContent™ is 100% browser-driven.
* You have full control over the site content and can create, edit, and publish content with our WYSIWYG editor.
* Keep members informed and coming back by keeping content current and informative.
* No monthly fees or recurring charges.
* Full asset control, our Asset Manager 2.0 allows you to upload images, media (flash, audio, and video) and a variety of documents (PDF, Word, and more) to your site.


Vuln. Description:

Input passed to the "pid" parameter in "index.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Tested on OnContent Basic. Because the other versions share the same structure and differ only in additional add-on modules and features, OnContent Enterprise and OnContent Professional may also be vulnerable.


Solution:
Edit the source code to ensure that input is properly sanitised.
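
One way to apply this fix, as an added example that is not OnContent's own code (the page does not show it): the concatenation pattern described above beside a validated, parameterized form. The `pages` table, its columns and the function names are assumptions, and the inputs are constructed.

```php
<?php
declare(strict_types=1);

// Constructed stand-in database; table and column names are assumptions.
function demoDb(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT, published INTEGER)');
    $db->exec("INSERT INTO pages VALUES (257, 'About', 1), (300, 'Draft', 0)");
    return $db;
}

// The pattern the advisory describes: "pid" is pasted into the SQL text,
// so its content is parsed as SQL rather than treated as a value.
function loadPageUnsafe(PDO $db, string $pid): array
{
    $sql = "SELECT id, title FROM pages WHERE published = 1 AND id = $pid";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: accept only a positive integer, then bind it as a typed
// parameter so the query structure is fixed before the value is supplied.
function loadPageSafe(PDO $db, string $pid): array
{
    $id = filter_var($pid, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('pid must be a positive integer');
    }
    $stmt = $db->prepare('SELECT id, title FROM pages WHERE published = 1 AND id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$db = demoDb();
// Constructed inputs: a normal id and one that is not a plain integer.
foreach (['257', '257 OR 1=1'] as $pid) {
    printf("pid=%-12s unsafe rows: %d\n", "'$pid'", count(loadPageUnsafe($db, $pid)));
    try {
        printf("pid=%-12s safe rows:   %d\n", "'$pid'", count(loadPageSafe($db, $pid)));
    } catch (InvalidArgumentException $e) {
        printf("pid=%-12s safe:        rejected (%s)\n", "'$pid'", $e->getMessage());
    }
}
```

In a web handler the string would come from `$_GET['pid']`; a rejected value should end the request with an HTTP 400 rather than reach the database.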

Copyright (c) 2006 Pridels Sec Crew