Re: [Full-disclosure] Amiro.CMS <= 5.4.4 SQL inj



On Thu, 22 Apr 2010 21:20:26 +0400
Владимир Воронцов <vladimir.vorontsov@xxxxxxxx> wrote:

No.

On Thu, 22 Apr 2010 18:35:48 +0300, Henri Salo <henri@xxxxxxx> wrote:
On Thu, 22 Apr 2010 09:52:26 +0400
Владимир Воронцов <vladimir.vorontsov@xxxxxxxx> wrote:

In the system of site management Amiro.CMS found a critical
vulnerability introduction operators database. The vulnerability
allows an attacker, in particular, to compromise a target system,
gain administrative access.

Vulnerability has been discovered introduction of operators
database at user registration. An attacker can fill in the
"signature in the forum" with special data and affect the
structure of the query to the DBMS. Information about the request
not be displayed on the screen, thus possibly

conduct "blind" injections in order to obtain data or injections in
order to displace the data. Injection takes place in the operator
database INSERT. Further details were not disclosed at the request
of the developer.

Original at Russian: http://onsec.ru/vuln?id=20

Have you requested CVE-identifier for this?

---
Henri Salo


Please do: http://cve.mitre.org/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/