[VIM] Blue CMS `X-Forwarded-For' Header SQL Injection Vulnerability

George A. Theall theall at tenable.com
Mon Sep 6 20:01:01 CDT 2010

Bugtraq 42999 covers a vulnerability based apparently on the advisory  
published at <http://bbs.wolvez.org/viewtopic.php?id=148>. The exploit  
has the string "BlueCMS v1.6 sp1" and involves the script  
'comment.php' but doesn't otherwise point to the vendor.

SecurityFocus in its BID references <http://www.bluefountain.com/solutions/blue-cms-content-management-system 
 >, an English company with a couple of different products, one of  
which is "Blue CMS". While I don't see a download for that product or  
a demo, so I can't be sure. Still, the product description talks about  
it using Plone, which makes me wonder if the reference isn't wrong.

And indeed, if you search on 'bluecms "v1.6"', one of the top hits  
uncovered is to http://www.bluecms.net/, a Chinese site, which offers  
a download for "BlueCMS v1.6 sp1" and seems to require PHP and MySQL.  
Unfortunately, the download link doesn't work currently.

Any thoughts? Rob?

theall at tenablesecurity.com

More information about the VIM mailing list