by r0t,der4444,cembo,VietMafia

Thursday, June 01, 2006

Lore <=1.5.6 SQL injection vuln.

###############################################
Vuln. discovered by : r0t
Date: 1 june 2006
vendor:http://www.pineappletechnologies.com/products/lore/
affected versions:1.5.6 and prior
###############################################

Vuln. Description:

Lore contains a flaw that allows a remote sql injection attacks.Input passed to the "article_id" parameter in "comment.php" isn't properly sanitised before being used in a SQL query.
This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

###############################################
Solution:
Edit the source code to ensure that input is properly sanitised.
###############################################
Status:
reported to vendor
###############################################
More information @ unsecured-systems.com/forum/

1 Comments:

Anonymous Pineapple Technologies told...

This has been patched in Lore 1.5.7:
http://pineappletechnologies.com/kb/idx.php/8/025/Versions/article/Changelog.html

12:44 AM

 

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew