Crafty Syntax Live Help Multiple SQL Injection Vulnerabilities
BID:30825
Info
Crafty Syntax Live Help Multiple SQL Injection Vulnerabilities
| Bugtraq ID: | 30825 |
| Class: | Input Validation Error |
| CVE: |
CVE-2008-3845 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 25 2008 12:00AM |
| Updated: | May 07 2015 05:24PM |
| Credit: | James Bercegay of the GulfTech Security Research Team |
| Vulnerable: |
Crafty Syntax Live Help Crafty Syntax Live Help 2.4.16 |
| Not Vulnerable: |
Crafty Syntax Live Help Crafty Syntax Live Help 2.15 |
Discussion
Crafty Syntax Live Help Multiple SQL Injection Vulnerabilities
Crafty Syntax Live Help is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Crafty Syntax Live Help 2.14.6 is vulnerable; prior versions may also be affected.
Crafty Syntax Live Help is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Crafty Syntax Live Help 2.14.6 is vulnerable; prior versions may also be affected.
Exploit / POC
Crafty Syntax Live Help Multiple SQL Injection Vulnerabilities
Attackers can use a browser to exploit these issues.
The following example URI is available:
http://www.example.com/is_xmlhttp.php?scriptname=1&department=-99%20UNION%20SELECT%201,2,concat(username,char(58),password),4,5,6,7,8,9%20FROM%20livehelp_users/*
Attackers can use a browser to exploit these issues.
The following example URI is available:
http://www.example.com/is_xmlhttp.php?scriptname=1&department=-99%20UNION%20SELECT%201,2,concat(username,char(58),password),4,5,6,7,8,9%20FROM%20livehelp_users/*
Solution / Fix
Crafty Syntax Live Help Multiple SQL Injection Vulnerabilities
Solution:
The vendor released an update. Please see the references for more information.
Solution:
The vendor released an update. Please see the references for more information.
References
Crafty Syntax Live Help Multiple SQL Injection Vulnerabilities
References:
References:
- Crafty Syntax Live Help Homepage (Crafty Syntax Live Help)
- SECURITY UPGRADE IMMEDIATELY (Craft Syntax Live Help)
- Crafty Syntax Live Help <= 2.14.6 SQL Injection (GulfTech Security Research