by r0t,der4444,cembo,VietMafia

Friday, November 25, 2005

Helpdesk Issue Manager v0.9 SQL inj.

Helpdesk Issue Manager v0.9 SQL inj.
Vuln. dicovered by : r0t
Date: 25 nov. 2005
Vendor:http://helpdesk.centralmanclc.com/
affected vesion:v0.9 and prior

Vuln. Description:
Input passed to the "id" parameter in "issue.php" isn't properly sanitised before being used in a SQL query.
And parameters in "find.php" isn't properly sanitised before being used in a SQL query.
This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

examples:
/issue.php?id=[SQL]
/find.php?act=action&reset=yes&detail%5B%5D=[SQL]
/find.php?page=0&act=action&orderby=sortorder&orderdir=[SQL]
/find.php?page=0&act=action&orderby=[SQL]

Solution:
Edit the source code to ensure that input is properly sanitised.

1 Comments:

Anonymous IT help desk software told...

Hi - I’m a newbie trying to find some information
relating to helpdesk
However, I managed to find your Blog which I think is interesting and had some relevance to what I was looking for. Thanks for your post and do keep up your good work.!

9:45 PM

 

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew