All Enthusiast Photopost PHP Pro SQL Injection Vulnerability
BID:9557
Info
All Enthusiast Photopost PHP Pro SQL Injection Vulnerability
| Bugtraq ID: | 9557 |
| Class: | Input Validation Error |
| CVE: |
CVE-2004-0250 CVE-2004-0239 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 03 2004 12:00AM |
| Updated: | Aug 03 2010 05:25PM |
| Credit: | The disclosure of this issue has been credited to G00db0y from Zone-h Security Labs <[email protected]>. |
| Vulnerable: |
PhotoPost PhotoPost 4.6.5 All Enthusiast Inc Photopost PHP Pro 4.6 All Enthusiast Inc Photopost PHP Pro 4.1 All Enthusiast Inc Photopost PHP Pro 4.0 All Enthusiast Inc Photopost PHP Pro 3.3 All Enthusiast Inc Photopost PHP Pro 3.2 All Enthusiast Inc Photopost PHP Pro 3.1 |
| Not Vulnerable: | |
Discussion
All Enthusiast Photopost PHP Pro SQL Injection Vulnerability
It has been reported that Photopost PHP Pro may be prone to a SQL injection vulnerability that may allow an attacker to influence SQL query logic to disclose sensitive information. The issue exists due to insufficient sanitization of user-supplied data via the 'photo' parameter of 'showphoto.php' script.
Photopost PHP Pro versions 4.6 and prior have been reported to be prone to this vulnerability.
It has been reported that Photopost PHP Pro may be prone to a SQL injection vulnerability that may allow an attacker to influence SQL query logic to disclose sensitive information. The issue exists due to insufficient sanitization of user-supplied data via the 'photo' parameter of 'showphoto.php' script.
Photopost PHP Pro versions 4.6 and prior have been reported to be prone to this vulnerability.
Exploit / POC
All Enthusiast Photopost PHP Pro SQL Injection Vulnerability
No exploit is required to exploit this issue.
The following proof of concept has been provided:
http://www.example.com/directory/showphoto.php?photo=[query]
No exploit is required to exploit this issue.
The following proof of concept has been provided:
http://www.example.com/directory/showphoto.php?photo=[query]
Solution / Fix
All Enthusiast Photopost PHP Pro SQL Injection Vulnerability
Solution:
The vendor has released a patch to address this issue. Users are advised to contact the vendor in order to obtain the patch.
Solution:
The vendor has released a patch to address this issue. Users are advised to contact the vendor in order to obtain the patch.
References
All Enthusiast Photopost PHP Pro SQL Injection Vulnerability
References:
References:
- PhotoPost PHP Homepage (All Enthusiast Inc)
- ZH2004-03SA (security advisory): Photopost PHP Pro 4.6 Sql Injection (ZetaLabs
)