BID:21225

Link Exchange Lite Multiple SQL Injection Vulnerabilities

Info

Link Exchange Lite Multiple SQL Injection Vulnerabilities

Bugtraq ID:	21225
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Nov 21 2006 12:00AM
Updated:	Nov 28 2006 07:29PM
Credit:	Laurent Gaffie and Benjamin Mosse are credited with discovering these issues.
Vulnerable:	Softacid Link Exchange Lite 1.0

Not Vulnerable:

Discussion

Link Exchange Lite Multiple SQL Injection Vulnerabilities

Link Exchange Lite is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Exploit / POC

Link Exchange Lite Multiple SQL Injection Vulnerabilities

An attacker can exploit these issues via a web client.

The following URIs demonstrate these issues:

http://www.example.com/categories.asp?catID=[SQL Injection]
http://www.example.com/categories.asp?editorID=[SQL Injection]

Solution / Fix

Link Exchange Lite Multiple SQL Injection Vulnerabilities

Solution:
The vendor has released a patch to address this issue. Please contact the vendor for details on obtaining and applying the appropriate updates.

References

Link Exchange Lite Multiple SQL Injection Vulnerabilities

References:

Vendor Home Page (Softacid)
Link Exchange Lite [injection sql] ([email protected])