InstantCMS 1.10.3盲注
产品: InstantCMSVendor: InstantSoft影响版本1.10.3 及之前版本已测试版本: 1.10.3缺陷类型: SQL Injection [CWE-89]解决方案: 官方已修复Discovered and Provided: High-Tech Bridge Security Research Lab ( https://www.htbridge.com/advisory/ ) ----------------------------------------------------------------------------------------------- Advisory Details: High-Tech Bridge Security Research Lab discovered blind SQL injection vulnerability in InstantCMS, which can be exploited to perform SQL Injection attacks, alter SQL requests and compromise vulnerable application. 1) SQL Injection in InstantCMS: CVE-2013-6839 The vulnerability exists due to insufficient filtration of "orderby" HTTP POST parameter passed to "/catalog/[id]" URL. A remote unauthenticated attacker can execute arbitrary SQL commands in application's database. Simple exploit code below uses blind SQL injection exploitation technique, and will display different order of records on the page if MySQL version is 5.*: <form action="http://[host]/catalog/2" method="post" name="main"><input type="hidden" name="orderby" value="(-pubdate*(substring(version(),1,1)=5))"><input type="hidden" name="orderto" value="asc"><input type="submit" id="btn"></form> 解决方案: Apply patch for InstantCMS 1.10.3:http://www.instantcms.ru/download/patch/security_update_for_iCMS_1.10.3_21-11-2013.zip InstantCMS 1.10.3 downloaded after 21/11/2013 is patched [without version/release modification] and is not vulnerable. More Information:http://www.instantcms.ru/novosti/security-update-1-10-3.htmlhttp://trac.instantcms.ru/changeset/1376
鎶ュ悕瀛︿範鍔犲井淇�/QQ 1602007锛屽叧娉ㄣ€婁笢鏂硅仈鐩熺綉銆嬪井淇″叕浼楀彿
>更多相关文章
- 11-15不看后悔!程序员防御XSS的无奈
- 11-10揭秘Web黑客3种注入点判断方法
- 11-10黑客Web脚本注入攻击深度剖析
- 10-21全球无线网络面临黑客攻击风险 WiFi曝安全漏洞
- 02-24iPhone再爆安全漏洞 黑客1分钟可盗照片及加密信息
- 02-22互联网金融风险 警示网站漏洞或成“致命点”
首页推荐
佛山市东联科技有限公司一直秉承“一切以用户价值为依归
- 01-11全球最受赞誉公司揭晓:苹果连续九年第一
- 12-09罗伯特·莫里斯:让黑客真正变黑
- 12-09谁闯入了中国网络?揭秘美国绝密黑客小组TA
- 12-09警示:iOS6 惊现“闪退”BUG
- 01-06马斯克宣布Grok 3即将推出,计算量大幅提升
- 01-06XR市场迎新变局,国内相关企业蓬勃发展
- 01-06盒马新任CEO发全员信 将冲击千亿规模
- 01-06加速AI基础设施投资,微软计划斥资800亿美元
- 01-06雷军透露小米汽车工厂开放参观预约,2025年
相关文章
24小时热门资讯
24小时回复排行
热门推荐
最新资讯
操作系统
黑客防御