MD News Admin.PHP SQL Injection Vulnerability

Bugtraq ID:	17394
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Apr 06 2006 12:00AM
Updated:	Apr 19 2006 08:26PM
Credit:	Aliaksandr Hartsuyeu is credited with the discovery of this vulnerability.
Vulnerable:	Matthew Dingley MD News 1
Not Vulnerable:

MD News Admin.PHP SQL Injection Vulnerability

MD News is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

MD News Admin.PHP SQL Injection Vulnerability


This issue can be exploited through a web client.

The following proof of concept is available:

http://www.example.com/admin.php?action=full&id=-1 union select 1,2,3,4,5

MD News Admin.PHP SQL Injection Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected]

MD News Admin.PHP SQL Injection Vulnerability

References:

• MD News Authentication Bypass and SQL Injection Vulnerabilities (eVuln.com)
  
• MD News Web Site (Matthew Dingley)
  
• [eVuln] MD News Authentication Bypass and SQL Injection ([email protected])