"wsnuser" Cookie SQL Injection vulnerability in WSN Guest

2011-02-23 / 2011-02-24
Risk: High
Local: No
Remote: Yes
CWE: CWE-89


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

www.eVuln.com advisory:
"wsnuser" Cookie SQL Injection vulnerability in WSN Guest

-----------Summary-----------
http://evuln.com/vulns/174/summary.html

eVuln ID: EV0174
Software: WSN Guest
Vendor: n/a
Version: 1.24
Critical Level: medium
Type: SQL Injection
Status: Unpatched. No reply from developer(s)
PoC: Available
Solution: Not available
Discovered by: Aliaksandr Hartsuyeu ( http://evuln.com/ )

--------Description--------
http://evuln.com/vulns/174/description.html

SQL Injection in "wsnuser" Cookie

It is possible to inject arbitrary SQL query using "wsnuser" cookie parameter in the "index.php" script.
Parameter "wsnuser" is used in SQL query without proper sanitation.

--------PoC/Exploit--------
PoC code is available at:
http://evuln.com/vulns/174/exploit.html

---------Solution----------
Not available

----------Credit-----------
Vulnerability discovered by Aliaksandr Hartsuyeu
http://evuln.com/penetration-test.html - website manual penetration testing
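
The description above says the "wsnuser" cookie value reaches a SQL query without sanitation. The PHP sketch below is an added illustration, not code from WSN Guest or from the eVuln advisory: it contrasts string concatenation with a bound parameter for a cookie-sourced value. The `members` table, the function names and the sample cookie values are hypothetical and constructed for the example; it assumes the `pdo_sqlite` extension is available.

```php
<?php
// Added example. Schema, function names and inputs are hypothetical;
// WSN Guest's real query is not shown on this page.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE members (id INTEGER PRIMARY KEY, name TEXT)");
$db->exec("INSERT INTO members (name) VALUES ('alice'), ('bob')");

// Pattern the advisory describes: the cookie text becomes part of the SQL
// string, so a quote character in it changes the structure of the query.
function lookup_concat(PDO $db, string $cookie): array
{
    $sql = "SELECT name FROM members WHERE name = '" . $cookie . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Corrected pattern: the SQL text is fixed and the cookie is sent as a
// bound value, so it is only ever compared as data.
function lookup_bound(PDO $db, string $cookie): array
{
    $stmt = $db->prepare("SELECT name FROM members WHERE name = :name");
    $stmt->execute([':name' => $cookie]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed inputs standing in for $_COOKIE['wsnuser'] ?? ''.
$samples = ['alice', "nobody' OR '1'='1"];

foreach ($samples as $cookie) {
    printf(
        "%-20s concat=%d row(s)  bound=%d row(s)\n",
        $cookie,
        count(lookup_concat($db, $cookie)),
        count(lookup_bound($db, $cookie))
    );
}
```

With the concatenated query the second sample returns every row in the table, while the bound query returns none because no member has that literal name.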

References:

http://xforce.iss.net/xforce/xfdb/65527
http://www.securityfocus.com/bid/46444
http://www.securityfocus.com/archive/1/archive/1/516519/100/0/threaded
http://secunia.com/advisories/43374
http://evuln.com/vulns/174/summary.html

