Phorum Phorum_URIAuth SQL Injection Vulnerability
BID:10173
Info
Phorum Phorum_URIAuth SQL Injection Vulnerability
| Bugtraq ID: | 10173 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 19 2004 12:00AM |
| Updated: | Apr 19 2004 12:00AM |
| Credit: | Discovery of this issue is credited to Janek Vind <[email protected]>. |
| Vulnerable: |
Phorum Phorum 3.4.8 Phorum Phorum 3.4.7 |
| Not Vulnerable: |
Phorum Phorum 3.4.8 a |
Discussion
Phorum Phorum_URIAuth SQL Injection Vulnerability
Reportedly Phorum is affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitized user supplied URI input.
This issue may allow a remote attacker to manipulate query logic, leading to unauthorized access to sensitive information such as the user password hash or corruption of database data. SQL injection attacks may also potentially be used to exploit latent vulnerabilities in the underlying database implementation.
Reportedly Phorum is affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitized user supplied URI input.
This issue may allow a remote attacker to manipulate query logic, leading to unauthorized access to sensitive information such as the user password hash or corruption of database data. SQL injection attacks may also potentially be used to exploit latent vulnerabilities in the underlying database implementation.
Exploit / POC
Phorum Phorum_URIAuth SQL Injection Vulnerability
No exploit is required to leverage this issue. A proof of concept demonstrating this issue may be found at the following location:
http://www.example.com/index.php?modname=saf&id=4
No exploit is required to leverage this issue. A proof of concept demonstrating this issue may be found at the following location:
http://www.example.com/index.php?modname=saf&id=4
Solution / Fix
Phorum Phorum_URIAuth SQL Injection Vulnerability
Solution:
The vendor has released upgrades.
Phorum Phorum 3.4.7
Phorum Phorum 3.4.8
Solution:
The vendor has released upgrades.
Phorum Phorum 3.4.7
-
Phorum phorum-3.4.8a.tar.gz
http://phorum.org/downloads/phorum-3.4.8a.tar.gz
Phorum Phorum 3.4.8
-
Phorum phorum-3.4.8a.tar.gz
http://phorum.org/downloads/phorum-3.4.8a.tar.gz
References
Phorum Phorum_URIAuth SQL Injection Vulnerability
References:
References:
- Phorum Homepage (Phorum)
- [waraxe-2004-SA#019 - Critical sql injection bug in Phorum 3.4.7] (Janek Vind
)