← Advisories

SetSeed CMS 5.8.20 (loggedInUser) Remote SQL Injection Vulnerability

Medium
Advisory ID
ZSL-2011-5053
Release Date
02 November 2011
Vendor
SetSeed - http://www.setseed.com
Affected Version
5.8.20
CVE
CVE-2011-5116
Tested On
Microsoft Windows XP Pro SP3 (EN), Apache 2.2.21, MySQL 5.5.16, PHP 5.3.8
Summary

SetSeed is a self-hosted CMS which lets you rapidly build and deploy complete websites and online stores for your clients.

Description

SetSeed CMS is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the vulnerable script using the cookie input 'loggedInUser', which could allow the attacker to view, add, modify or delete information in the back-end database.

Proof of Concept
setseed_sqli.txtTXT
Disclosure Timeline
04.11.2011Vendor releases version 5.11.2 which does not affect this vulnerability.
Credits
Vulnerability discovered by Gjoko Krstic
References
[1]http://www.exploit-db.com/exploits/18065/
[2]http://www.securityfocus.com/bid/50498
[3]http://packetstormsecurity.org/files/106527/ZSL-2011-5053.txt
[4]http://securityreason.com/wlb_show/WLB-2011110012
[5]http://secunia.com/advisories/46674/
[6]http://osvdb.org/show/osvdb/76801
[7]http://xforce.iss.net/xforce/xfdb/71128
[8]http://cve.mitre.org/cgi-bin/cvename.cgi?name=2011-5116
Changelog
02.11.2011Initial release
03.11.2011Added reference [2], [3], [4] and [5]
04.11.2011Added reference [6] and [7]
04.11.2011Added vendor status.
24.11.2012Added reference [8]