by r0t,der4444,cembo,VietMafia

Monday, November 28, 2005

Netzbrett 1.5.1 SQL inj. vuln.

Netzbrett 1.5.1 SQL inj. vuln.

Vuln. dicovered by : r0t
Date: 28 nov. 2005
Vendor:http://www.weaverslave.ws/index.32.html
affected version: 1.5.1 and prior

Product Description:

Netzbrett is a Web board / forum system written in PHP3/4 that can use flat text files, mysql or the PHP 4 db object (Interbase, MSQL, MSSQL, mySQL, Oracle 8, ODBC, PostgresSQL, Storage, Sybase) for data handling. The forum includes a simple Admin mode, which enables modifying and deletion of entries by the admin. It also includes a print view. The program is avaliable in English, German, Italian, Chinese (Taiwan) and many other languages. You can show the dates as C.A., B.E or Thai.

Vuln. description:

Input passed to the "p_entry" parameter in "index.php" isn't properly sanitised before being used in a SQL query.This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

example:
/index.php?p_lng=en&p_days=15&p_cmd=entry&p_entry=1[SQL]

Solution:
Edit the source code to ensure that input is properly sanitised.

0 Comments:

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew