[VIM] Blue CMS `X-Forwarded-For' Header SQL Injection Vulnerability
George A. Theall
theall at tenable.com
Mon Sep 6 20:01:01 CDT 2010
Bugtraq 42999 covers a vulnerability based apparently on the advisory
published at <http://bbs.wolvez.org/viewtopic.php?id=148>. The exploit
has the string "BlueCMS v1.6 sp1" and involves the script
'comment.php' but doesn't otherwise point to the vendor.
SecurityFocus in its BID references
<http://www.bluefountain.com/solutions/blue-cms-content-management-system>,
an English company with a couple of different products, one of
which is "Blue CMS". I don't see a download for that product or
a demo, though, so I can't be sure. Still, the product description talks about
it using Plone, which makes me wonder if the reference isn't wrong.
And indeed, if you search on 'bluecms "v1.6"', one of the top hits
uncovered is to http://www.bluecms.net/, a Chinese site, which offers
a download for "BlueCMS v1.6 sp1" and seems to require PHP and MySQL.
Unfortunately, the download link doesn't work currently.
Any thoughts? Rob?
theall at tenablesecurity.com