NoviSmart CMS SQL Injection Vulnerability via Referer HTTP Header
Vulnerability
A SQL injection vulnerability has been identified in NoviSmart CMS, allowing remote attackers to execute arbitrary SQL queries. This vulnerability arises from improper handling of the Referer HTTP header, where malicious SQL payloads can be injected. Exploitation of this vulnerability could lead to the extraction of sensitive database information or cause a denial-of-service condition.
Impact
Exploitation of this vulnerability allows for arbitrary SQL execution, which could be used to manipulate the database, extract sensitive information, or cause a denial-of-service condition.
Reproduction
The vulnerability can be reproduced by sending a GET request with a crafted Referer header that includes a time-based SQL injection payload. This payload exploits the application's SQL query handling by injecting malicious SQL code that the database will execute. The injection can be verified by observing the application's response time, which will be delayed if the payload is successfully executed.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.