BID:17193

1WebCalendar Multiple SQL Injection Vulnerabilities

Info

1WebCalendar Multiple SQL Injection Vulnerabilities

Bugtraq ID:	17193
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Mar 22 2006 12:00AM
Updated:	Jan 04 2007 07:51PM
Credit:	rakstija r0t3d3Vil is credited with the discovery of these vulnerabilities.
Vulnerable:	Benson IT Solutions 1WebCalendar 4.0

Not Vulnerable:	Benson IT Solutions 1WebCalendar 4.1

Discussion

1WebCalendar Multiple SQL Injection Vulnerabilities

1WebCalendar is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

Exploit / POC

1WebCalendar Multiple SQL Injection Vulnerabilities

This issue can be exploited using a web client.

The following proof-of-concept URIs are available:

http://www.exampe.com/viewEvent.cfm?EventID=[code]
http://www.exampe.com/news/newsView.cfm?NewsID=[code]
http://www.exampe.com/mainCal.cfm?=[code]

Solution / Fix

1WebCalendar Multiple SQL Injection Vulnerabilities

Solution:
The vendor has released version 4.1 to address this issue; please contact the vendor for information on how to obtain product updates.

References

1WebCalendar Multiple SQL Injection Vulnerabilities

References:

1WebCalendar v 4.x vuln. (r0t)
1WebCalendar Homepage (Benson IT Solutions)