Document Title: =============== CRUCMS Crucial Networking - SQL Injection Vulnerability References (Source): ==================== http://ift.tt/1GiRMJB Release Date: ============= 2015-05-18 Vulnerability Laboratory ID (VL-ID): ==================================== 1497 Common Vulnerability Scoring System: ==================================== 8.2 Product & Service Introduction: =============================== We work with businesses to develop web sites that help grow their bottom line. What if we told you that you could turn one of the most neglected and frustrating aspects of your business into your most valuable, lead- and revenue-generating asset? That’s what happens when you hire the right web strategy partner. We get that you may not understand or really want to deal with the web. Or maybe you do want to deal with it, but don’t know where to begin. That’s where we come in with CRUCMS. (Copy of the Vendor Homepage: http://ift.tt/1Hc2AFJ ) Abstract Advisory Information: ============================== An indepndent vulnerability laboratory researcher discovered a remote sql injection web vulnerability in the official Crucial Networking - CRUCMS web-application. Vulnerability Disclosure Timeline: ================================== 2015-05-18: Public Disclosure (Vulnerability Laboratory) Discovery Status: ================= Published Affected Product(s): ==================== Crucial Networking LLC Product: CRUCMS - Content Management System 2015 Q2 Exploitation Technique: ======================= Remote Severity Level: =============== High Technical Details & Description: ================================ Multiple remote sql injection vulnerabilities has been discovered in the official Crucial Networking - CRUCMS web-application (2015 Q2). The vulnerability allows remote attackers to execute own sql commands to compromise the web-applicaation or database management system. The vulnerabilities are located in the id value of the `projects-cat.php`,`kitchen-chefs-detail.php` and `gallery-view.php` files. Remote attackers are able to execute own sql commands by manipulation of the GET method request with the vulnerable id value. The request method to inject the command is GET and the issue is located on the application-side. The security risk of the sql injection vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 8.2. Exploitation of the remote sql injection web vulnerability requires no user interaction or privilege web-application user account. Successful exploitation of the remote sql injection results in dbms, web-server and web-application compromise. Request Method(s): [+] GET Vulnerable File(s): [+] projects-cat.php [+] kitchen-chefs-detail.php [+] gallery-view.php Vulnerable Parameter(s): [+] id Proof of Concept (PoC): ======================= The sql Injection web vulnerability can be exploited by remote attackers without privilege web-application user account or user interaction. For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue. PoC: http://ift.tt/1AfrTJN' union all select [SQL INJECTION VULNERABILITY!
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment