Sign-up

ID

VAR-201012-0074


CVE

CVE-2010-4612


TITLE

Hycus CMS of index.php In SQL Injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2010-003550

DESCRIPTION

Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) usr_email parameters to user/1/hregister.html, (3) usr_email parameter to user/1/hlogin.html, (4) useremail parameter to user/1/forgotpass.html, and the (5) q parameter to search/1.html. NOTE: some of these details are obtained from third party information. (1) user/1/hregister.html To user_name Parameters (2) user/1/hregister.html To usr_email Parameters (3) user/1/hlogin.html To usr_email Parameters (4) user/1/forgotpass.html To useremail Parameters (5) search/1.html To q Parameters. Hycus CMS is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include multiple local file-include and multiple SQL-injection issues. Exploiting these issues can allow attacker view local files within the context of the webserver, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Other attacks may also be possible. Hycus CMS 1.0.3 is vulnerable; other versions may also be affected. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Hycus CMS Multiple SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA42567 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42567/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42567 RELEASE DATE: 2010-12-21 DISCUSS ADVISORY: http://secunia.com/advisories/42567/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42567/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42567 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered some vulnerabilities in Hycus CMS, which can be exploited by malicious people to conduct SQL injection attacks. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 1.0.3. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: High-Tech Bridge SA: http://www.htbridge.ch/advisory/sql_injection_in_hycus_cms.html http://www.htbridge.ch/advisory/sql_injection_in_hycus_cms_1.html http://www.htbridge.ch/advisory/sql_injection_in_hycus_cms_2.html http://www.htbridge.ch/advisory/sql_injection_in_hycus_cms_3.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.98

sources: NVD: CVE-2010-4612 // JVNDB: JVNDB-2010-003550 // BID: 45527 // PACKETSTORM: 96882

AFFECTED PRODUCTS

vendor:hycusmodel:cmsscope:eqversion:1.0.3

Trust: 1.9

vendor:hycus cmsmodel:hycus cmsscope:eqversion:1.0.3

Trust: 0.8

sources: BID: 45527 // JVNDB: JVNDB-2010-003550 // CNNVD: CNNVD-201012-334 // NVD: CVE-2010-4612

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-4612
value: MEDIUM

Trust: 1.0

NVD: CVE-2010-4612
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201012-334
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2010-4612
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2010-003550 // CNNVD: CNNVD-201012-334 // NVD: CVE-2010-4612

PROBLEMTYPE DATA

problemtype:CWE-89

Trust: 1.8

sources: JVNDB: JVNDB-2010-003550 // NVD: CVE-2010-4612

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201012-334

TYPE

sql injection

Trust: 0.7

sources: PACKETSTORM: 96882 // CNNVD: CNNVD-201012-334

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-003550

PATCH
title:Top Pageurl:http://blog.hycus.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2010-003550

EXTERNAL IDS
db:NVDid:CVE-2010-4612
Trust: 2.7
db:BIDid:45527
Trust: 1.9
db:SECUNIAid:42567
Trust: 1.7
db:EXPLOIT-DBid:15797
Trust: 1.6
db:JVNDBid:JVNDB-2010-003550
Trust: 0.8
db:BUGTRAQid:20101221 SQL INJECTION IN HYCUS CMS
Trust: 0.6
db:CNNVDid:CNNVD-201012-334
Trust: 0.6
db:PACKETSTORMid:96882
Trust: 0.1
sources:
            
            
            BID: 45527 // 
            
            
            
            JVNDB: JVNDB-2010-003550 // 
            
            
            
            PACKETSTORM: 96882 // 
            
            
            
            CNNVD: CNNVD-201012-334 // 
            
            
            
            NVD: CVE-2010-4612

REFERENCES
url:http://www.htbridge.ch/advisory/sql_injection_in_hycus_cms_1.html
Trust: 1.7
url:http://www.htbridge.ch/advisory/sql_injection_in_hycus_cms_3.html
Trust: 1.7
url:http://www.htbridge.ch/advisory/sql_injection_in_hycus_cms_2.html
Trust: 1.7
url:http://www.htbridge.ch/advisory/sql_injection_in_hycus_cms.html
Trust: 1.7
url:http://www.securityfocus.com/bid/45527
Trust: 1.6
url:http://www.exploit-db.com/exploits/15797
Trust: 1.6
url:http://secunia.com/advisories/42567
Trust: 1.6
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/64438
Trust: 1.0
url:http://www.securityfocus.com/archive/1/515382/100/0/threaded
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4612
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4612
Trust: 0.8
url:http://www.securityfocus.com/archive/1/archive/1/515382/100/0/threaded
Trust: 0.6
url:http://www.hycus.com/
Trust: 0.3
url:http://www.htbridge.ch/advisory/lfi_in_hycus_cms.html
Trust: 0.3
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=42567
Trust: 0.1
url:http://secunia.com/products/corporate/evm/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://secunia.com/advisories/42567/#comments
Trust: 0.1
url:http://secunia.com/products/corporate/vim/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/42567/
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            BID: 45527 // 
            
            
            
            JVNDB: JVNDB-2010-003550 // 
            
            
            
            PACKETSTORM: 96882 // 
            
            
            
            CNNVD: CNNVD-201012-334 // 
            
            
            
            NVD: CVE-2010-4612

CREDITS
High-Tech Bridge SA
Trust: 0.9
sources:
            
            
            BID: 45527 // 
            
            
            
            CNNVD: CNNVD-201012-334

SOURCES
db:BIDid:45527
db:JVNDBid:JVNDB-2010-003550
db:PACKETSTORMid:96882
db:CNNVDid:CNNVD-201012-334
db:NVDid:CVE-2010-4612

LAST UPDATE DATE
2025-04-11T22:54:08.835000+00:00

SOURCES UPDATE DATE
db:BIDid:45527date:2015-04-13T21:02:00
db:JVNDBid:JVNDB-2010-003550date:2012-03-27T00:00:00
db:CNNVDid:CNNVD-201012-334date:2010-12-30T00:00:00
db:NVDid:CVE-2010-4612date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:BIDid:45527date:2010-12-21T00:00:00
db:JVNDBid:JVNDB-2010-003550date:2012-03-27T00:00:00
db:PACKETSTORMid:96882date:2010-12-23T06:19:44
db:CNNVDid:CNNVD-201012-334date:2010-12-30T00:00:00
db:NVDid:CVE-2010-4612date:2010-12-29T22:33:32.277