Webessence CMS SQL Injection and Arbitrary File Upload Vulnerabilities
BID:39726
Info
Webessence CMS SQL Injection and Arbitrary File Upload Vulnerabilities
| Bugtraq ID: | 39726 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 27 2010 12:00AM |
| Updated: | Apr 27 2010 12:00AM |
| Credit: | white_sheep, R00T_ATI, and epicfail |
| Vulnerable: |
Webessence Webessence CMS 1.0.3 |
| Not Vulnerable: | |
Discussion
Webessence CMS SQL Injection and Arbitrary File Upload Vulnerabilities
Webessence CMS is prone to the multiple input-validation vulnerabilities including an SQL-injection vulnerability and an arbitrary-file-upload vulnerability because it fails to sanitize user-supplied data.
Exploiting these issues could allow an attacker to compromise the application, execute arbitrary code, access or modify data, or exploit latent vulnerabilities in the underlying database.
Webessence CMS 1.0.3 is vulnerable; other versions may also be affected.
Webessence CMS is prone to the multiple input-validation vulnerabilities including an SQL-injection vulnerability and an arbitrary-file-upload vulnerability because it fails to sanitize user-supplied data.
Exploiting these issues could allow an attacker to compromise the application, execute arbitrary code, access or modify data, or exploit latent vulnerabilities in the underlying database.
Webessence CMS 1.0.3 is vulnerable; other versions may also be affected.
Exploit / POC
Webessence CMS SQL Injection and Arbitrary File Upload Vulnerabilities
Attackers can use a browser to exploit these issues.
The following exploits are available:
Attackers can use a browser to exploit these issues.
The following exploits are available:
Solution / Fix
Webessence CMS SQL Injection and Arbitrary File Upload Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Webessence CMS SQL Injection and Arbitrary File Upload Vulnerabilities
References:
References:
- Webessence CMS Homepage (Webessence)