Unak CMS vuln.
###############################################
Vuln. discovered by : r0t
Date: 2 june 2006
vendor:http://www.unak.net
affected versions:1.5 RC2 and prior
###############################################
Vuln. Description:
1) Input passed to the "u_a" and "u_s" parameters is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
2) Input to the "u_a" and "u_s" parameters is also not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
###############################################
Solution:
Edit the source code to ensure that input is properly sanitised.
###############################################
More information @ unsecured-systems.com/forum/
r0t at 02:01
2 Comments:
These variables are used in dozens of files. Can you disclose the injection point or narrow down which scripts are (or are not) vulnerable?
1:14 AM
if you are developer , you must know in wich file those parameters is used. there isnt to much files to find out.
If i had them before know i dont have now, i dont store information like this one , after i do report on blog i dont store any information.
3:11 AM
Post a Comment
<< Home