Bug: LI-countdown SQL Injection Vulnerability ( Ascii Version )

Search:
WLB2

LI-countdown SQL Injection Vulnerability

Published
Credit
Risk
2008.02.15
aaa-aaa net ru
Medium
CWE
CVE
Local
Remote
CWE-89
CVE-2008-0789
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

--------------------Summary----------------

Vendor: LI-Scripts

Vendor's Web Site: http://www.liscripts.net

Software: LI-countdown

Sowtware's Web Site: http://www.liscripts.net/products.php#countdown

Critical Level: Moderate

Type: SQL Injection

Class: Remote

Status: Unpatched

PoC/Exploit: Not Available

Solution: Not Available

Discovered by: http://www.aaa-aaa.net.ru/

-----------------Description---------------

1. SQL Injection.

Vulnerable script: countdown.php

Parameter 'years' is not properly sanitized before being used in SQL

query. This can be used to make SQL queries by injecting arbitrary SQL

code.

Condition: magic_quotes_gpc = off

--------------PoC/Exploit----------------------

Waiting for developer(s) reply.

--------------Solution---------------------

No Patch available.

--------------Credit-----------------------

Discovered by: http://aaa-aaa.net.ru/

Regards,

sex (at) aaa-aaa.net (dot) ru [email concealed]

http://www.aaa-aaa.net.ru/

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version