by r0t,der4444,cembo,VietMafia

Saturday, November 19, 2005

phpComasy "id" SQL Injection Vulnerability


phpComasy "id" SQL Injection Vulnerability

author:r0t (hackers.by.lv)
Date:19 nov. 2005
software: phpComasy
affected version: phpComasy 0.7.5 and prior
Vendor:http://www.phpcomasy.org/


Software Description:

phpComasy is a free, open source content management system for small websites.
For this reason, it is a very easy to use content management system for everybody. Each person can administrate content with phpComasy! Some extra features are the uniform control interface, the special template system (no PHP knowledge is needed) and the dynamic picture functions.

Vuln. Description:

Input passed to the "id" parameter in "index.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.


Solution:
Edit the source code to ensure that input is properly sanitised.

3 Comments:

Anonymous Anonymous told...

Is now fixed in version 0.7.6. Thx!

9:05 PM

 
Blogger r0t told...

you are welcome:)

5:27 AM

 
Anonymous Anonymous told...

0.7.6 is now published!

8:20 AM

 

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew