| Title | fannuo Enterprise Content Management System PHP 4.0 SQL Injection |
|---|
| Description | Vulnerability description
Fano enterprise website management system v4.0 has SQL injection vulnerability. The vulnerability is located in the admin/cms_chip.php file during the processing of the del parameter. Since the del parameter is directly concatenated into SQL query statements without filtering, attackers can execute arbitrary SQL statements by constructing malicious del parameters.
Code audit procedure
1. Location of vulnerability code
File path: admin/cms_chip.php
Search the sql_query function to find the admin/cms_chip.php file
system/library.php contains the cms_inc.php file, which contains a file that requests an escape from the individual
sql injection was found in the del request.
POC
GET /admin/cms_chip.php? del=1 OR 1=1 HTTP/1.1
Host: target-ip |
|---|
| Source | ⚠️ https://wiki.shikangsi.com/post/share/c46c50d3-c8d7-46a0-9fed-8d79a64abb44 |
|---|
| User | XingYue_Mstir (UID 72225) |
|---|
| Submission | 04/03/2025 04:59 (1 Year ago) |
|---|
| Moderation | 04/14/2025 01:41 (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 304612 [Fannuo Enterprise Content Management System 凡诺企业网站管理系统 admin/cms_chip.php sql injection] |
|---|
| Points | 20 |
|---|