MAXDEV CMS PNuserapi.PHP SQL Injection Vulnerability

Bugtraq ID:	17399
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Apr 06 2006 12:00AM
Updated:	Jun 21 2006 03:45PM
Credit:	[email protected] is credited with the discovery of this vulnerability.
Vulnerable:	MAXdev MD-Pro 1.0.73 MAXdev MD-Pro 1.0.72
Not Vulnerable:	MAXdev MD-Pro 1.0.76

MAXDEV CMS PNuserapi.PHP SQL Injection Vulnerability

MAXDEV CMS is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

MAXDEV CMS PNuserapi.PHP SQL Injection Vulnerability

This issue can be exploited through a web client.


Example URIs have been provided:

http://www.example.com/maxdev/index.php?module=Topics&func=display&topicid=0 AND 1=0
http://www.example.com/maxdev/index.php?module=Topics&func=display&topicid=0 AND 1=1

MAXDEV CMS PNuserapi.PHP SQL Injection Vulnerability

Solution:
The vendor has addressed this issue in version 1.076 and later. Contact the vendor for details on obtaining the appropriate updates.

MAXDEV CMS PNuserapi.PHP SQL Injection Vulnerability

References:

• MAXdev MD-Pro Homepage (MAXdev)
  
• Support and security �?� MDPro �?� Security update for MDPro 1.076 (MAXdev)
  
• MAXDEV CMS Multiple vulnerabilities ([email protected])