SQL-injections in koobi-cms

From: CENSORED (censored_at_mail.ru)
Date: 04/27/05

    Date: 27 Apr 2005 20:25:18 -0000
    To: bugtraq@securityfocus.com
    
    

     SQL-injections in koobi-cms 4.2.3
    _____________________________________________________________
    The program: koobi-cms
    Homepage: http://www.dream4.de/
    Vulnerable Versions: 4.2.3
    Found by: CENSORED [SVT] 28.04.05
    _____________________________________________________________

    The description
    ---------------

    A vulnerability has been found in the page parameter, which
    koobi-cms calls p. Data passed to this parameter is not
    filtered, which makes SQL injection possible. In addition,
    substituting a ' character makes it possible to determine
    the home directory on the server.

    The same flaw also exists in the q parameter, which is used
    for site search.

    Examples
    --------

    http://127.0.0.1/index.php?p='[SQL code]
    http://127.0.0.1/index.php?area=1&p='[SQL code]
    http://127.0.0.1/index.php?q='[SQL code]

    The conclusion
    --------------

    The vulnerability was found in version 4.2.3; other versions
    were not tested. They are probably vulnerable too.
    -------------------------------------------------------------

    CENSORED Search Vulnerabilities Team
    www.security-tmp.net.ru
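
A log check for the condition this advisory describes, as an added example that is not part of the original post: it flags requests to index.php whose p or q parameter contains a single quote after percent-decoding. The combined access-log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Parameters the advisory names as unfiltered.
WATCHED = {"p", "q"}
# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding (%2527 -> %27 -> ')."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(line):
    """Return [(param, decoded_value)] for p/q values that contain a quote."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    parts = urlsplit(m.group(1))
    if not parts.path.endswith("index.php"):
        return []
    hits = []
    # parse_qsl decodes once; fully_decode catches double-encoded quotes.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        value = fully_decode(value)
        if name in WATCHED and "'" in value:
            hits.append((name, value))
    return hits

def scan(lines):
    """Return [(line_number, (param, value))] for every flagged request."""
    return [(i, hit) for i, line in enumerate(lines, 1)
            for hit in suspicious_params(line)]

# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [27/Apr/2005:20:25:18 +0000] "GET /index.php?p=12 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [27/Apr/2005:20:26:02 +0000] "GET /index.php?area=1&p=%27x HTTP/1.1" 200 812',
    '192.0.2.11 - - [27/Apr/2005:20:26:40 +0000] "GET /index.php?q=%2527x HTTP/1.1" 200 790',
    '192.0.2.12 - - [27/Apr/2005:20:27:11 +0000] "GET /index.php?q=news HTTP/1.1" 200 4301',
]

if __name__ == "__main__":
    for lineno, (param, value) in scan(SAMPLE_LOG):
        print(f"line {lineno}: parameter {param!r} contains a quote: {value!r}")
```

A legitimate search term with an apostrophe in q is flagged as well, so treat hits as a triage signal to review rather than proof of an attack.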

