SpamTitan 'viewmail.php' SQL Injection Vulnerability
BID:51643
Info
SpamTitan 'viewmail.php' SQL Injection Vulnerability
| Bugtraq ID: | 51643 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 24 2012 12:00AM |
| Updated: | Jan 24 2012 12:00AM |
| Credit: | Benjamin Kunz Mejri & Pim J.F. Campers |
| Vulnerable: |
SpamTitan SpamTitan 5.08 |
| Not Vulnerable: | |
Discussion
SpamTitan 'viewmail.php' SQL Injection Vulnerability
SpamTitan is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
SpamTitan 5.08 is vulnerable; other versions may also be affected.
SpamTitan is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
SpamTitan 5.08 is vulnerable; other versions may also be affected.
Exploit / POC
SpamTitan 'viewmail.php' SQL Injection Vulnerability
Attackers can use a browser to exploit this issue.
The following example URI is available:
http://www.example.com/viewmail.php?activepage=details&qid=w3jYVc7V3LFF&rid=87%27%20order%20by%2015--
Attackers can use a browser to exploit this issue.
The following example URI is available:
http://www.example.com/viewmail.php?activepage=details&qid=w3jYVc7V3LFF&rid=87%27%20order%20by%2015--
References
SpamTitan 'viewmail.php' SQL Injection Vulnerability
References:
References:
- SpamTitan Application v5.08x - SQL Injection Vulnerability (Vulnerability Research Laboratory)
- SpamTitan Homepage (SpamTitan)