by r0t,der4444,cembo,VietMafia

Saturday, December 17, 2005

ContentServ 3.1 SQL inj.

ContentServ 3.1 SQL inj.

Vuln. discovered by : r0t
Date: 17 dec. 2005
affected version: 3.1 and prior

Product Description:

The ContentServ envelops more than simple Content Management. It stands for Enterprise Marketing Management Solutions and a holistic approach, aimed at providing full-scale support of all marketing activities. Thus, it also includes Cross Media Publishing, Customer Relationship Management, Catalog and Product Information Management, and also Media Asset Management, to name a few. The EMMS Suite provides a highly professional solution for the creation and maintenance of content, regardless of whether it is to be published in web, print, or other forms of media. Particularly attractive are the numerous possibilities to steer and control all processes concerning content. Among these are a detailed Workflow Management, intelligent definition of user rights, Version Management, and many more. Additionally, the system is structured in a very open manner, allowing easy and seamless blending into existing system environments, and trouble free connection with other components such as SAP or various databases. The most outstanding feature, however, lies in Cross Media Publishing. It enables the publication of content into any medium desired. This is possible by the support over 27 exchange formats. These interfaces make ContentServ the most innovative provider of solutions for the creation, maintenance and publication of content.

Vuln. Description:

ContentServ contains a flaw that allows a remote sql injection attacks.Input passed to the "StoryID" parameter in "index.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code



Edit the source code to ensure that input is properly sanitised.


Post a Comment

<< Home

Copyright (c) 2006 Pridels Sec Crew