Scriptme SmE File Mailer Login SQL Injection Vulnerability
BID:22081
Info
Scriptme SmE File Mailer Login SQL Injection Vulnerability
| Bugtraq ID: | 22081 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 16 2007 12:00AM |
| Updated: | Jan 17 2007 04:40PM |
| Credit: | CorryL is credited with the discovery of this vulnerability. |
| Vulnerable: |
scriptme SmE File Mailer 1.21 |
| Not Vulnerable: | |
Discussion
Scriptme SmE File Mailer Login SQL Injection Vulnerability
SmE File Mailer is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
This issue affects version 1.21; other versions may also be vulnerable.
SmE File Mailer is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
This issue affects version 1.21; other versions may also be vulnerable.
Exploit / POC
Scriptme SmE File Mailer Login SQL Injection Vulnerability
Attackers can exploit this issue via a web client.
The following input to the login form is sufficient to exploit this issue:
Login: admin
Password: anything' OR 'x'='x
Attackers can exploit this issue via a web client.
The following input to the login form is sufficient to exploit this issue:
Login: admin
Password: anything' OR 'x'='x
Solution / Fix
References
Scriptme SmE File Mailer Login SQL Injection Vulnerability
References:
References:
- Scriptme Homepage (Scriptme)
- SmE File Mailer Download Page (Scriptme)
- [x0n3-h4ck] SmE FileMailer 1.21 Remote Sql Injextion Exploit (CorryL)