Papoo Multiple SQL vuln.
Vuln. discovered by : r0t
Date: 21 dec. 2005
original advisory: http://pridels.blogspot.com/2005/12/papoo-multiple-sql-vuln.html
vendor: http://www.papoo.org/
affected version: 2.1.2 and prior
Product Description:
Papoo is an easy-to-use, accessible CMS. It follows the rules of the WCAG and ATAG for both frontend and administration. Papoo is Open Source.
Vuln. Description:
Papoo contains a flaw that allows remote SQL injection attacks. Input passed to the "menuid" parameter in "index.php" and "guestbook.php", and to the "forumid" and "reporeid_print" parameters in "print.php", isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
examples:
/index.php?menuid=[SQL]
/guestbook.php?menuid=[SQL]
/print.php?reporeid_print=&forumid=[SQL]
/print.php?reporeid_print=[SQL]
Solution:
Edit the source code to ensure that input is properly sanitised.
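One way to apply this fix, shown as an added example that is not Papoo's own code: treat "menuid" (and likewise "forumid" and "reporeid_print") as a positive integer, reject anything else, and bind the value instead of concatenating it into the query. The `menu` table, its columns, and the helper names `int_param` and `load_menu_entry` are hypothetical; the sample rows and inputs are constructed.

```php
<?php
// Added example, not Papoo source. Table, column and function names are hypothetical.

/**
 * Return the named request parameter as a positive integer, or null when it
 * is missing, empty, an array (menuid[]=...), or not a plain decimal integer.
 */
function int_param(array $query, string $name): ?int
{
    if (!isset($query[$name]) || !is_string($query[$name])) {
        return null;
    }
    $value = filter_var($query[$name], FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    return $value === false ? null : $value;
}

/** Look up one menu entry; invalid ids are rejected before any SQL runs. */
function load_menu_entry(PDO $db, array $query): ?array
{
    $menuid = int_param($query, 'menuid');
    if ($menuid === null) {
        return null;
    }
    // Bound parameter: the value never becomes part of the SQL text.
    $stmt = $db->prepare('SELECT menuid, title FROM menu WHERE menuid = :id');
    $stmt->bindValue(':id', $menuid, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed sample data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE menu (menuid INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO menu VALUES (1, 'Home'), (2, 'Guestbook')");

// Constructed inputs: one valid id, then values the validation must refuse.
foreach (['2', '2abc', '', '-5', ['2']] as $raw) {
    $row = load_menu_entry($db, ['menuid' => $raw]);
    printf("%-12s => %s\n", json_encode($raw), $row ? $row['title'] : 'rejected');
}
```

Validation and binding are both applied on purpose: the integer check gives a clean rejection path, and the bound parameter keeps the query safe even if a later change loosens the check.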