XAMPP 'cds.php' SQL Injection vulnerability

2008.10.06
Risk: Medium
Local: Yes
Remote: Yes
CVE: N/A
CWE: CWE-89

Title: XAMPP 'cds.php' SQL Injection vulnerability
Provided and/or Discovered By: Jaykishan Nirmal from Aujas Networks
Release Date: 3rd October, 2008
Class: Input Validation Error
Risk: High
Remotely Exploitable: Yes
Locally Exploitable: Yes
Vulnerable File: http://www.example.com/xampp/cds.php

Exploit/Proof of Concept:
http://www.example.com/xampp/cds.php?action=del&id=1 or 1

Technical Details:
In the PHP script 'cds.php', the 'id' parameter is vulnerable to SQL injection. Input passed to the 'id' parameter in 'cds.php' isn't properly sanitized before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code, which can delete all CD record(s) stored in the database. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content.

Vulnerable Versions: XAMPP v1.6.8 (earlier versions might be affected)
Platform: Windows (others might be affected)

Reference(s):
XAMPP Home Page - http://www.apachefriends.org/en/xampp.html
SecurityFocus - http://www.securityfocus.com/bid/31564

Report Timeline(s):
02-10-2008: Aujas Networks notifies XAMPP development team about vulnerability
02-10-2008: Vendor response

Contact: Jaykishan.nirmal [at] aujas [dot] com
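To make the defect concrete, below is an added example (written for this page, not the actual cds.php shipped with XAMPP) showing the kind of query construction the advisory describes next to a hardened version. The database name 'cdcol', the table 'cds', the column 'id' and the connection credentials are assumptions, not values taken from the XAMPP source.

```php
<?php
// Added example, not XAMPP's own cds.php. Table/column names and the
// connection details are assumed for illustration.

// --- Vulnerable pattern (CWE-89): 'id' is concatenated straight into SQL. ---
// Because the value is neither validated nor bound, a request whose 'id'
// contains SQL text changes the WHERE clause itself; an always-true
// condition would make the DELETE match every row in the table.
function deleteCdVulnerable(mysqli $db, string $id): bool
{
    $sql = "DELETE FROM cds WHERE id = " . $id;   // no validation, no quoting
    return $db->query($sql) !== false;
}

// --- Hardened version: validate the type, then bind the value as data. ---
function deleteCdHardened(mysqli $db, $id): bool
{
    // 1. Accept only a plain string of digits; arrays and anything with
    //    spaces, quotes or keywords are rejected before SQL is built.
    if (!is_string($id) || !ctype_digit($id)) {
        http_response_code(400);
        return false;
    }

    // 2. Prepared statement: the placeholder is sent separately from the
    //    query text, so the value can never be parsed as SQL.
    $stmt = $db->prepare("DELETE FROM cds WHERE id = ?");
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param("i", $id);   // mysqli transmits it as an integer
    $ok = $stmt->execute();

    // 3. Defence in depth: a delete by primary key must touch at most one row;
    //    anything else indicates a logic error worth logging.
    if ($ok && $stmt->affected_rows > 1) {
        error_log("cds delete affected " . $stmt->affected_rows . " rows for id=" . $id);
        $ok = false;
    }
    $stmt->close();
    return $ok;
}

// Request handling as it might appear in a CD-management page (assumed layout).
if (($_GET['action'] ?? '') === 'del' && isset($_GET['id'])) {
    // Placeholder credentials; an application account that only needs the
    // 'cds' table should not be granted rights beyond it.
    $db = new mysqli('localhost', 'cds_user', 'CHANGE_ME', 'cdcol');
    if ($db->connect_error) {
        http_response_code(500);
        exit('Database unavailable.');
    }
    echo deleteCdHardened($db, $_GET['id']) ? "Record deleted." : "Invalid request.";
    $db->close();
}
```

The type check and the prepared statement each close the hole on their own; keeping both means a later change to the query (for example switching 'id' to a string key) does not silently reopen it. A destructive action triggered by a GET request is also worth moving to POST with a CSRF token, although that is outside what this advisory covers.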

References:

http://www.apachefriends.org/en/xampp.html
http://www.securityfocus.com/bid/31564

