by r0t,der4444,cembo,VietMafia

Thursday, December 01, 2005

NetClassifieds all versions SQL inj. vuln

NetClassifieds all versions SQL inj. vuln

Vuln. dicovered by : r0t
Date: 1 dec. 2005
Vendor:http://scriptdevelopers.net/
affected version:
NetClassifieds Premium Edition 1.0.1
NetClassifieds Professional Edition 1.5.1
NetClassifieds Standard Edition 1.9.6.3
NetClassifieds Free Edition 1.0.1


Vuln. Description:

Input passed to the "CatID" parameter in "ViewCat.php" and "gallery.php","ItemNum" parameter in "ViewItem.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.


examples:
/ViewCat.php?CatID=[SQL]
/gallery.php?CatID=[SQL]
/ViewItem.php?ItemNum=[SQL]

Solution:

Edit the source code to ensure that input is properly sanitised.

1 Comments:

Anonymous Anonymous told...

Great job of reporting to the vendor first so they could release a fix with the announcement of the problem! Thankfully most people who report bugs are responsible enough to let the vendor know ahead of time so a fix can be issued.

9:56 PM

 

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew