Michelles L2J DropCalc I-Search.PHP SQL Injection Vulnerability

Bugtraq ID:	22335
Class:	Input Validation Error
CVE:	CVE-2007-0687
Remote:	Yes
Local:	No
Published:	Jan 31 2007 12:00AM
Updated:	May 12 2015 07:34PM
Credit:	Codebreak <[email protected]> is credited with the discovery of this vulnerability.
Vulnerable:	Michelle Knight L2J Dropcalc 4
Not Vulnerable:

Michelles L2J DropCalc I-Search.PHP SQL Injection Vulnerability

L2J Dropcalc is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

This issue affects L2J Dropcalc 4 and prior versions.

Michelles L2J DropCalc I-Search.PHP SQL Injection Vulnerability

Attackers can exploit this issue via a web client.

The following proof-of-concept URI and exploit are available:

http://www.example.com/i-search.php?itemid=&username=[User]&token=[Token]&langval=lang-eng.php&server_id=0&skin_id=0&itemid=[SQL]

• /data/vulnerabilities/exploits/22235.php

Michelles L2J DropCalc I-Search.PHP SQL Injection Vulnerability

Solution:
The vendor released an update. Please see the references for more information.,

Michelles L2J DropCalc I-Search.PHP SQL Injection Vulnerability

References:

• Michelle Knight L2J Dropcalc Homepage (Michelle Knight )