Huion Forum

 Forgot password?
 Register
View: 28|Reply: 0

Lito Lite CMS "cid" SQL Injection Vulnerability

[Copy link]

6

Threads

6

Posts

24

Credits

Newcomers

Rank: 1

Credits
24
Post time 2017-9-15 16:37:06 | Show all posts |Read mode
Hello everyone,




CWH Underground has discovered a vulnerability in Lito Lite CMS, which can be exploited by malicious people to conduct SQL injection attacks.


Input passed to the "cid" parameter in cate.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation requires that "magic_quotes_gpc" is disabled.

The vulnerability is confirmed in a version downloaded 2008-12-01. Other versions may also be affected.


Any idea, suggestions would be appriciated,


Thanks,





I didn't find the right solution from the internet.
Small Business Social Media Marketing







Reply

Use magic Report

You have to log in before you can reply Login | Register

Points Rules

Archiver|Wap|Closeting|Huion Forum  

2018-1-17 11:20 GMT+8 , Processed in 0.079479 second(s), 23 queries .

Powered by HUION X3.2

© 2001-2013 HUION Inc.

Quick Reply To Top Return to the list