by r0t,der4444,cembo,VietMafia

Monday, November 28, 2005

FaqRing 3.0 SQL inj. vuln.

FAQSystems Free Knowledgebase "id" SQL inj. vuln.
Vuln. discovered by: r0t
Date: 28 Nov. 2005
Vendor: http://faqsystems.com/
Affected version: 3.0 and prior

Product Description:

FaqRing is a free knowledge base application developed to be quickly integrated into any web site. End users post questions, and administrators can quickly answer them and publish them for end users to reference, or remove the question from the knowledge base.


Vuln. description:
Input passed to the "id" parameter in "answer.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

example:

/answer.php?id=[SQL]

Solution:
Edit the source code to ensure that input is properly sanitised.
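What "properly sanitised" looks like in practice for a lookup like this one, as an added illustration that is not FaqRing's own code: the first function shows the unsafe pattern the advisory describes (the request value concatenated into the SQL string); the second validates "id" as a positive integer and binds it to a placeholder in a prepared statement. The table and column names (faq_answers, id, question, answer), the DSN and the credentials are assumptions made for the example.

```php
<?php
// Added example for this advisory, not FaqRing's own code.
// Table/column names and connection details are assumptions.

// --- Vulnerable pattern (the flaw described above) -------------------------
// The raw request value becomes part of the SQL text, so whatever is supplied
// as "id" is executed as SQL rather than compared as a number.
function fetchAnswerVulnerable(PDO $db, array $get): ?array
{
    $sql = "SELECT question, answer FROM faq_answers WHERE id = " . $get['id'];
    $res = $db->query($sql);
    if ($res === false) {
        return null;
    }
    $row = $res->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// --- Hardened form ---------------------------------------------------------
// 1. Validate: "id" must be a positive integer; anything else is rejected
//    with a 400 before it ever reaches the database.
// 2. Parameterise: the value is bound to a placeholder, so the statement text
//    is fixed and the input can only be interpreted as data.
function fetchAnswerSafe(PDO $db, array $get): ?array
{
    $id = filter_var($get['id'] ?? null, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 1],
    ]);
    if ($id === false) {
        http_response_code(400);
        return null;
    }

    $stmt = $db->prepare('SELECT question, answer FROM faq_answers WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Usage in answer.php (assumed DSN and credentials):
// $pdo = new PDO('mysql:host=localhost;dbname=faqring', 'dbuser', 'dbpass', [
//     PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
//     PDO::ATTR_EMULATE_PREPARES => false,  // use server-side prepares
// ]);
// $answer = fetchAnswerSafe($pdo, $_GET);
```

Both steps matter: the integer check alone would already close this particular hole because the id is numeric, but the prepared statement is what keeps the fix from depending on every caller remembering to validate, and it is the pattern to apply to every other request parameter the application feeds into a query.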


Copyright (c) 2006 Pridels Sec Crew