by r0t,der4444,cembo,VietMafia

Tuesday, November 29, 2005

Orca Knowledgebase SQL vuln.

Orca Knowledgebase SQL vuln.
Vuln. dicovered by : r0t
Date: 29 nov. 2005
Vendor:http://www.greywyvern.com/orca#know
affected version: 2.1b and prior

Product Description:
The Orca Knowledgebase is the simplest way to create and manage a knowledgebase or FAQ of questions and answers, organized by category and subcategory. The script comes of age in version 2.0 with many intuitive features, improved administration and full-featured search functions. A separate stylesheet provides easy visual customization. Both the User GUI and Control Panel layouts have been completely redesigned for speed and ease of use. Hosting and managing a comprehesive knowledgebase has never been this easy!

Vuln. description:
Input passed to the "qid" parameter isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

example:
/knowledgebase?qid=[SQL]

Solution:
Edit the source code to ensure that input is properly sanitised.

1 Comments:

Anonymous GreyWyvern told...

Vendor patch 2.1c
http://www.greywyvern.com/orca#know

11:26 PM

 

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew