phpNewsManager Multiple SQL Injections

2006.04.10
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-89


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

New eVuln Advisory: phpNewsManager Multiple SQL Injections http://evuln.com/vulns/110/summary.html --------------------Summary---------------- eVuln ID: EV0110 CVE: CVE-2006-1560 Vendor: SkinTech Group Vendor's Web Site: http://www.skintech.org/ Software: phpNewsManager Versions: 1.48 Critical Level: Moderate Type: SQL Injection Class: Remote Status: Unpatched. No reply from developer(s) PoC/Exploit: Not Available Solution: Not Available Discovered by: Aliaksandr Hartsuyeu (eVuln.com) -----------------Description--------------- All user-defined variables are not properly sanitized before being used in SQL queries. This can be used to bypass authentication or make any SQL query by injecting arbitrary SQL code. Vulnerable scripts: browse.php category.php gallery.php poll.php ... --------------PoC/Exploit---------------------- Waiting for developer(s) reply. If there is no reply exploitation code will be published in 10 days http://evuln.com/vulns/110/exploit.html --------------Solution--------------------- No Patch available. --------------Credit----------------------- Discovered by: Aliaksandr Hartsuyeu (eVuln.com) Regards, Aliaksandr Hartsuyeu http://evuln.com - Penetration Testing Services .


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top