RETIRED: PHPmotion SQL Injection and Arbitrary File Upload Vulnerabilities
BID:29949
Info
RETIRED: PHPmotion SQL Injection and Arbitrary File Upload Vulnerabilities
| Bugtraq ID: | 29949 |
| Class: | Input Validation Error |
| CVE: |
CVE-2008-3117 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 25 2008 12:00AM |
| Updated: | May 12 2015 07:48PM |
| Credit: | EgiX |
| Vulnerable: |
PHPmotion PHPmotion 2.0 |
| Not Vulnerable: | |
Discussion
RETIRED: PHPmotion SQL Injection and Arbitrary File Upload Vulnerabilities
PHPmotion is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include an SQL-injection vulnerability and an arbitrary-file-upload vulnerability.
Exploiting these issues could allow an attacker to compromise the application, execute arbitrary code, access or modify data, or exploit latent vulnerabilities in the underlying database.
PHPmotion 2.0 and prior versions are affected.
NOTE: Information from the vendor and further analysis show that the application is not affected by these issues.
PHPmotion is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include an SQL-injection vulnerability and an arbitrary-file-upload vulnerability.
Exploiting these issues could allow an attacker to compromise the application, execute arbitrary code, access or modify data, or exploit latent vulnerabilities in the underlying database.
PHPmotion 2.0 and prior versions are affected.
NOTE: Information from the vendor and further analysis show that the application is not affected by these issues.
Exploit / POC
RETIRED: PHPmotion SQL Injection and Arbitrary File Upload Vulnerabilities
Attackers can use a browser to exploit these issues.
The following proof of concept is available:
Attackers can use a browser to exploit these issues.
The following proof of concept is available:
Solution / Fix
RETIRED: PHPmotion SQL Injection and Arbitrary File Upload Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
RETIRED: PHPmotion SQL Injection and Arbitrary File Upload Vulnerabilities
References:
References:
- PHPmotion Homepage (PHPmotion)