[UNIX] AutoRank PHP SQL Injection Vulnerabilities
From: SecuriTeam (support_at_securiteam.com)
Date: 12/22/03
- Previous message: SecuriTeam: "[NEWS] Buffer Overflow Allows Privileges Escalation in MacOS X"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: list@securiteam.com Date: 22 Dec 2003 13:58:01 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
AutoRank PHP SQL Injection Vulnerabilities
------------------------------------------------------------------------
SUMMARY
<http://www.jmbsoft.com/software/arphp/> AutoRank PHP is "our next
generation toplist software, written completely in PHP and backed by a
MySQL database". AutoRank PHP is vulnerable to SQL Injection attacks.
DETAILS
Vulnerable systems:
* AutoRank PHP version 2.0.4
The vulnerabilities can be exploited by injecting SQL queries into the
user & password fields when editing an account, the email field when
requesting a lost password and the username field when registering an
account. If a malicious attacker logs in with the username and password
'-- he will automatically be given access to the first account cataloged
in the database. He can then view the HTML source code to view that user's
password in plain text. This also leaves the database being used by
AutoRank PHP open for attack. The affected file is accounts.php.
ADDITIONAL INFORMATION
The information has been provided by <mailto:security@gulftech.org>
JeiAr.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: SecuriTeam: "[NEWS] Buffer Overflow Allows Privileges Escalation in MacOS X"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
- [REVS] Acoustic Cryptanalysis: On Nosy People and Noisy Machines
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... emitted by a computer's CPU.
... systems is side-channel attacks: ... desktop and laptop computers, and
in all cases it was possible to ... (Securiteam) - Re: [Full-disclosure] Web Honeynet Project: announcement, exploit URLs this Wednesday
... The newly formed Web Honeynet Project from SecuriTeam and the ISOTF will ...
in the next few months announce research on real-world web server attacks ... cross-platform
(for web servers) and currently exploited in the wild. ... The Web Honeynet Project
will, for now, not deal with the regular SQL ... (Full-Disclosure) - [UNIX] Horde Framework and Horde IMP /index.php Cross Site Referencing
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... Horde Framework and Horde
IMP /index.php Cross Site Referencing ... web-based vulnerabilities that were identified
in Horde 3.0.4 and verified ... This is very useful within technical supported phishing attacks.
... (Securiteam) - [NT] Blank Administrator Password on OEM Windows XP Installation
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... Use of this account will
allow anyone with physical ... * DELL Laptops with pre installed Microsoft Windows XP Professional
SP2 ... is prompted to create a regular user account for general use. ... (Securiteam) - [NEWS] Dedicated Mobile Services Carry Out Anonymous Web Attacks
... The following security advisory is sent to the securiteam mailing list, and can be
found at the SecuriTeam web site: http://www.securiteam.com ... to anonymously browse web resources
and execute attacks against them. ... An attacker can take advantage of the Google's WMLProxy
Service by sending ... a HTTP GET request with carefully modified URL of a malicious
nature. ... (Securiteam)
