by r0t, der4444, cembo, VietMafia

Tuesday, November 29, 2005

Codewalkers ltwCalendar 4.x SQL inj. vuln

Vuln. discovered by: r0t
Date: 29 Nov. 2005
Vendor: http://calendar.codewalkers.com/
Affected version: v4.1.3 and prior

Product Description:
ltwCalendar is an event calendar programmed in PHP and currently uses mySQL as a database backend. With ltwCalendar, you can add single events or recurring events. Everything is in a very customizable layout and should be very easy to integrate with your site. Do keep in mind, though, that my initial intent was to never release this code into the wild. I was just making this for a personal project. After I got done with it, however, I decided I would give it to the world.

Vuln. description:
Input passed to the "id" parameter in "calendar.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Example:
/calendar.php?display=event&id=[SQL]

Solution:
Edit the source code to ensure that input is properly sanitised.
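What "properly sanitised" looks like for a numeric id, as an added illustration that is not ltwCalendar's own code: a hypothetical `display=event` handler in the shape the advisory describes, first with the raw `id` parameter spliced into the query text, then hardened by validating `id` as a positive integer and binding it through a PDO prepared statement. The table and column names (`events`, `event_id`) and the function names are assumptions.

```php
<?php
// Added example, not ltwCalendar code. Table/column names are assumed.

// VULNERABLE (the pattern the advisory describes): whatever the client
// sent as "id" becomes part of the SQL statement itself.
function eventQueryUnsafe(array $get): string
{
    $id = $get['id'] ?? '';
    return "SELECT * FROM events WHERE event_id = $id";
}

// HARDENED, step 1: accept only a positive integer. FILTER_VALIDATE_INT
// returns false for '', '4.2', '42abc', '-1' and anything non-numeric.
function validateEventId($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// HARDENED, step 2: the validated value never touches the SQL text; it is
// bound as a typed parameter, so the query shape is fixed at prepare time.
function fetchEvent(PDO $db, array $get): ?array
{
    $id = validateEventId($get['id'] ?? null);
    if ($id === null) {
        return null;               // rejected input never reaches the database
    }
    $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); // real server-side binding
    $stmt = $db->prepare('SELECT * FROM events WHERE event_id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Self-check that needs no database: only clean positive integers pass.
function selfCheck(): bool
{
    return validateEventId('42') === 42
        && validateEventId('0') === null
        && validateEventId('-1') === null
        && validateEventId('4.2') === null
        && validateEventId('42abc') === null
        && validateEventId('') === null
        && validateEventId(null) === null;
}

if (!selfCheck()) {
    throw new RuntimeException('validateEventId() self-check failed');
}
```

Rejecting the request on a failed `validateEventId()` also gives the web server log a clean signal (a 400 on `calendar.php` with a non-integer `id`) that a defender can alert on.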

Copyright (c) 2006 Pridels Sec Crew