Critical Blind SQL Injection Vulnerability in Pragyan CMS
Advisory by Netsparker (now Invicti)
Name: Critical Blind SQL Injection vulnerability in Pragyan CMS
Software: Pragyan CMS v3.0 and possibly below.
Vendor Homepage: https://github.com/delta/pragyan
Vulnerability Type: SQL Injection
Researcher: Omar Kurt
Advisory Reference: NS-14-001
A simple and fast multiuser content management system to organize collaborative web-content. This CMS allows very fine user&group permissions, generating pages like articles, forms, quizzes, forums, etc, search powered by sphider.
Pragyan CMS is affected by Blind SQL Injection vulnerabilities in version 3.0.
Example PoC urls are as follows:
- Blind SQL Injection
http://example.com/?page='+(SELECT 1 FROM (SELECT SLEEP(25))A)+'
You can read the full article about Cross-Site Scripting and SQL Injection vulnerabilities from here:
13/12/2013 – First Contact – Request Security contact
24/12/2013 – Second Contact – Sent Details
27/12/2013 – Vulnerability Fixed
29/01/2014 – Advisory Released
It has been discovered on testing of Invicti Web Application Security Scanner.
Invicti® can find and report security issues such as SQL Injection and Cross-site Scripting (XSS) in all web applications regardless of the platform and the technology they are built on. Invicti’s unique detection and exploitation techniques allows it to be dead accurate in reporting hence it’s the first and the only False Positive Free web application security scanner.