BID:53398

Trombinoscope 'photo.php' Server SQL Injection Vulnerability

Info

Trombinoscope 'photo.php' Server SQL Injection Vulnerability

Bugtraq ID:	53398
Class:	Input Validation Error
CVE:	CVE-2012-4282
Remote:	Yes
Local:	No
Published:	May 07 2012 12:00AM
Updated:	Aug 16 2012 01:20PM
Credit:	Ramdan Yantu
Vulnerable:	Toocharger Trombinoscope 3.5 Toocharger Trombinoscope 3.4

Not Vulnerable:

Discussion

Trombinoscope 'photo.php' Server SQL Injection Vulnerability

Trombinoscope is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Trombinoscope 3.5 and prior versions are vulnerable.

Exploit / POC

Trombinoscope 'photo.php' Server SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following exploit URI is available.

http://www.example.com/[script]/photo.php?id=-9999/**/union/**/select/**/1,2,version()--

Solution / Fix

Trombinoscope 'photo.php' Server SQL Injection Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].

References

Trombinoscope 'photo.php' Server SQL Injection Vulnerability

References:

Toocharger home page (Toocharger)
Trombinoscope downloadable page (Toocharger)