The vulnerabilities allow an attacker (remote) or local low privileged user account to execute a SQL commands on the affected application dbms. The vulnerabilities are located in the responder, preview, pages, navlinks, contacts, register and index modules with the bound vulnerable id & form_id parameters. Successful exploitation of the vulnerability results in dbms & application compromise. Exploitation requires no user inter action & without privileged user account.
A persistent input validation vulnerability is detected in the Omnistar Mailer v7.2 Email Marketing Software. The bugs allow remote attackers to implement/inject malicious script code on the application side (persistent). The persistent vulnerability is located in the Create Website Forms module with the bound vulnerable form name parameters. Successful exploitation of the vulnerability can lead to session hijacking (manager/admin) or stable (persistent) context manipulation.Exploitation requires low user inter action & privileged user account.
[+] Customise Interface -> Create Website Forms
[+] Create Standard Registration Form -> Add form
[+] Form Name
Proof of Concept:
The SQL injection vulnerabilities can be exploited by remote attackers without user inter action. For demonstration or reproduce ...
--- SQL Exception ---
SQL error (You have an error in your SQL syntax;
check the manual that corresponds to your MySQL server version for the right syntax to use near ''9''' at line 3)
The persistent input validation vulnerability can be exploited by remote attackers with low required user inter action & low privileged user account. For demonstration or reproduce ...
2012-10-01: Public or Non-Public Disclosure