Siteserver has severe SQL injection. Attackers can bypass the security dog and continue to test the modal_UserView.aspx page of SiteServer cms. The SQL injection vulnerability exists. Attackers can exploit the vulnerability to access the database without authorization. Modal_UserView.aspx page, corresponding source code in the site directory Bin \ UserCenter. pages. in the dll file, the specific SQL operation code is in UserCenter. backgroundPages. modal. in the Page_Load method of the UserView class, the Code is as follows: visible. The Code does not process the UserName parameter, that is, it is passed into GetUserInfo for database query. The specific code can be found in: UserCenter. Provider. dll \ UserCenter. Provider. Data. SqlServer \ UserDAO. cs. The underlying function is directly spliced to put the variable userName in SQL for query. Cause SQL injection. Official site point http://2012.moban.siteserver.cn because too many people have been on the official dog safety, in order to prove the existence of this vulnerability, so after trying to find can bypass the safe dog proof as follows:
Solution:Siteserver is very serious for injection and directly affects core data. It is a real high-risk vulnerability.