Kvaliitti WebDoc 3.0 CMS is a proprietary Finnish-made content management system developed by Kvaliitti Oy (http://www.kvaliitti.fi). It is driven by MS SQL Server and ASP.
2. Abstract
WebDoc 3.0 suffers from a flaw in input validation, which allows attackers to insert malicious SQL queries into an existing one, possibly gaining complete control over an affected system.
1. Info
Kvaliitti WebDoc 3.0 CMS is a proprietary Finnish-made content management system developed by Kvaliitti Oy (http://www.kvaliitti.fi). It is driven by MS SQL Server and ASP.
2. Abstract
WebDoc 3.0 suffers from a flaw in input validation, which allows attackers to insert malicious SQL queries into an existing one, possibly gaining complete control over an affected system.
3. Vulnerable files & PoC:
categories.asp, subcategory.asp, document_id, cat_id
This proof of concept example exposes the internal server variable called "@@version":
http://www.vulnerable.tld/categories.asp?document_id=37&cat_id=convert(i
nt,(select+@@version));--
4. Misc
Vendor notified: yes
--
[ reply ]