Multiple Hi Web Wiesbaden Rueckwaerts Auktion System Products 'cafe.php' SQL Injection Vulnerability
BID:40035
Info
Multiple Hi Web Wiesbaden Rueckwaerts Auktion System Products 'cafe.php' SQL Injection Vulnerability
| Bugtraq ID: | 40035 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 08 2010 12:00AM |
| Updated: | May 10 2010 10:52PM |
| Credit: | Easy Laster |
| Vulnerable: |
Hi Web Wiesbaden Rueckwaerts Auktionshaus Community Premium System 0 Hi Web Wiesbaden Countdown Standart Rückwärts Auktions System 0 |
| Not Vulnerable: | |
Discussion
Multiple Hi Web Wiesbaden Rueckwaerts Auktion System Products 'cafe.php' SQL Injection Vulnerability
Multiple Hi Web Wiesbaden Rueckwaerts Auktions System products are prone to an SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Multiple Hi Web Wiesbaden Rueckwaerts Auktions System products are prone to an SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Exploit / POC
Multiple Hi Web Wiesbaden Rueckwaerts Auktion System Products 'cafe.php' SQL Injection Vulnerability
Attackers can use a browser to exploit this issue.
The following example URI is available:
http://www.example.com/auktion/cafe.php?id=1+and+1=1+and+ascii(substring((SELECT password FROM fh_user+WHERE+iduser=1 LIMIT 0,1),1,1))>1
Attackers can use a browser to exploit this issue.
The following example URI is available:
http://www.example.com/auktion/cafe.php?id=1+and+1=1+and+ascii(substring((SELECT password FROM fh_user+WHERE+iduser=1 LIMIT 0,1),1,1))>1
Solution / Fix
Multiple Hi Web Wiesbaden Rueckwaerts Auktion System Products 'cafe.php' SQL Injection Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Multiple Hi Web Wiesbaden Rueckwaerts Auktion System Products 'cafe.php' SQL Injection Vulnerability
References:
References:
- Countdown Standart Rückwärts Auktions (Hi Web Wiesbaden)
- Ruckwarts Auktionshaus Community Premium System - Homepage (Hi Web Wiesbaden)