RSS-aggregator Multiple SQL Injection And Authentication Bypass Vulnerabilities
BID:30016
Info
| Bugtraq ID: | 30016 |
| Class: | Input Validation Error |
| CVE: | CVE-2008-3033 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 30 2008 12:00AM |
| Updated: | May 07 2015 05:27PM |
| Credit: | CWH Underground |
| Vulnerable: | RSS-aggregator RSS-aggregator 1.0 |
| Not Vulnerable: | |
Discussion
RSS-aggregator is prone to multiple SQL-injection and authentication-bypass vulnerabilities.
A successful exploit could allow an attacker to compromise the application, access or modify data, exploit vulnerabilities in the underlying database, and gain administrative access to the affected application.
RSS-aggregator 1.0 is vulnerable; other versions may also be affected.
Exploit / POC
Attackers can exploit these issues via a browser.
The following proof-of-concept URIs are available:
http://www.example.com/admin/fonctions/supprimer_flux.php?IdFlux=[SQL injection]
http://www.example.com/admin/fonctions/supprimer_tag.php?IdTag=[SQL injection]
http://www.example.com/admin/fonctions/supprimer_flux.php?IdFlux=5
http://www.example.com/admin/fonctions/modifier_tps_rafraich.php?TpsRafraich=500
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
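With no vendor patch listed, the practical fix is in the application itself. The following is an added illustration, not code from the RSS-aggregator project: a hardened shape for an admin delete handler such as `admin/fonctions/supprimer_flux.php`, addressing both issue classes the advisory names. The handler checks the admin session itself (the authentication-bypass PoC URIs call the admin functions directly), validates `IdFlux` as an integer, and binds it in a prepared statement so the value never becomes part of the SQL text. The table name `flux`, the session key `admin_id`, the PDO DSN and credentials are assumptions made for the example.

```php
<?php
// Added example, not the RSS-aggregator project's own code.
// Assumed names: table `flux`, column `IdFlux`, session key `admin_id`,
// database `rss_aggregator` with user `app`.
declare(strict_types=1);

session_start();

// 1. Authentication inside the function script. The advisory's bypass
//    PoCs request admin/fonctions/*.php directly, so a login page that only
//    guards the menu is not enough: every state-changing script must
//    verify the session on its own.
if (empty($_SESSION['admin_id'])) {
    http_response_code(403);
    exit('Authentication required');
}

// 2. Input validation. The PoC passes IdFlux as a GET parameter; a delete
//    should be a POST, and the value must be a positive integer and nothing
//    else. filter_input() returns null when absent, false when invalid.
$idFlux = filter_input(INPUT_POST, 'IdFlux', FILTER_VALIDATE_INT,
    ['options' => ['min_range' => 1]]);
if ($idFlux === null || $idFlux === false) {
    http_response_code(400);
    exit('Invalid IdFlux');
}

// 3. Parameterised query. The injectable pattern is string assembly such as
//        "DELETE FROM flux WHERE IdFlux = " . $_GET['IdFlux']
//    A prepared statement sends the SQL and the value separately, so even a
//    value that slipped past validation cannot alter the query structure.
$pdo = new PDO(
    'mysql:host=localhost;dbname=rss_aggregator;charset=utf8mb4',
    'app',
    'secret',
    [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,  // server-side prepares, not client-side escaping
    ]
);
$stmt = $pdo->prepare('DELETE FROM flux WHERE IdFlux = :id');
$stmt->bindValue(':id', $idFlux, PDO::PARAM_INT);
$stmt->execute();

// 4. Record the administrative action so deletions can be reviewed later.
error_log(sprintf('admin %d deleted flux %d (%d row(s))',
    (int) $_SESSION['admin_id'], $idFlux, $stmt->rowCount()));
```

The same three steps (session check, integer validation, bound parameter) apply unchanged to `supprimer_tag.php` with `IdTag` and to `modifier_tps_rafraich.php` with `TpsRafraich`; the session check is the part most easily forgotten when each admin function lives in its own script.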
References
References:
- RSS-aggregator Homepage (RSS-aggregator)
- RSS-aggregator Multiple vulnerabilities (Sylvain)