| 제목 | fannuo Enterprise Content Management System PHP 4.0 SQL Injection |
|---|
| 설명 | Vulnerability description
Fano enterprise website management system v4.0 has SQL injection vulnerability. The vulnerability is located in the admin/cms_chip.php file during the processing of the del parameter. Since the del parameter is directly concatenated into SQL query statements without filtering, attackers can execute arbitrary SQL statements by constructing malicious del parameters.
Code audit procedure
1. Location of vulnerability code
File path: admin/cms_chip.php
Search the sql_query function to find the admin/cms_chip.php file
system/library.php contains the cms_inc.php file, which contains a file that requests an escape from the individual
sql injection was found in the del request.
POC
GET /admin/cms_chip.php? del=1 OR 1=1 HTTP/1.1
Host: target-ip |
|---|
| 원천 | ⚠️ https://wiki.shikangsi.com/post/share/c46c50d3-c8d7-46a0-9fed-8d79a64abb44 |
|---|
| 사용자 | XingYue_Mstir (UID 72225) |
|---|
| 제출 | 2025. 04. 03. AM 04:59 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 04. 14. AM 01:41 (11 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 304612 [Fannuo Enterprise Content Management System 凡诺企业网站管理系统 admin/cms_chip.php SQL 주입] |
|---|
| 포인트들 | 20 |
|---|