CERTVU:315107SkyPortal contains multiple SQL injection vulnerabilities
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
53.6%
Overview
SkyPortal RC6 contains multiple SQL injection vulnerabilities which could allow a remote, unauthenticated attacker to gain access to the back-end database and to add, modify or remove data.
Description
SkyPortal is a modular web portal and online community system that includes web-based administration, user selectable skins, user control panel and additional modules such as Public Events Calendar, Classifieds Manager, WebLinks Manager, Download Manager, Article Manager, and Picture Manager.
There are multiple vulnerabilities in a number of pages and functions. These include nc_top.asp, inc_bookmarks.asp, inc_profile_functions.asp, inc_SUBSCRIPTIONS.asp, Avatar_URL, LINK1, and LINK2. Processing of maliciously crafted SQL commands to any of these functions could trigger the vulnerabilities.
Any web site developed with vulnerable versions of SkyPortal will (or is likely to) contain SQL injection vulnerabilities.
Impact
By sending specially crafted SQL statements to any of the stated functions, a remote, unauthenticated attacker could gain access to the system to add, modify or remove data. Attackers are using automated tools to inject malicious content into vulnerable sites.
Solution
This vulnerability was addressed in SkyPortal 1.0 and later.
Vendor Information
315107
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
SkyPortal __ Affected
Updated: June 10, 2008
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
This vulnerability was addressed in SkyPortal 1.0 and later.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23315107 Feedback>).
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- <http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6078>
- <https://vulners.com/cve/CVE-2007-6078>
- <http://xforce.iss.net/xforce/xfdb/38595>
- <http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=207402562>
- <http://blog.wired.com/monkeybites/2008/04/microsoft-datab.html>
- <http://www.owasp.org/index.php/SQL_Injection>
Acknowledgements
The BugReport Security Research & Penetration Testing Group is credited with the discovery of these vulnerabilities.
This document was written by Joseph Pruszynski.
Other Information
| CVE IDs: | CVE-2007-6078 |
|---|---|
| Severity Metric: | 26.21 Date Public: |
References
blog.wired.com/monkeybites/2008/04/microsoft-datab.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6078
nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6078
www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=207402562
www.owasp.org/index.php/SQL_Injection
xforce.iss.net/xforce/xfdb/38595
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
53.6%