IsolSoft Support Center 2.2 - Multiple SQL Injection Vulnerabilities
2005-11-25T00:00:00
ID: EDB-ID:26595 | Type: exploitdb | Reporter: r0t3d3Vil | Modified: 2005-11-25T00:00:00
Description
IsolSoft Support Center 2.2 Multiple SQL Injection Vulnerabilities. CVE-2005-3838. Webapps exploit for php platform
source: http://www.securityfocus.com/bid/15570/info
Support Center is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
These issues are reported to affect Support Center version 2.2; earlier versions may also be vulnerable.
http://www.example.com/search.php?field=Subject&searchvalue=&Category=any&Status=any&Priority=any&lorder=[SQL]
http://www.example.com/search.php?field=Subject&searchvalue=&Category=any&Status=any&Priority=[SQL]
http://www.example.com/search.php?field=Subject&searchvalue=&Category=any&Status=[SQL]
http://www.example.com/search.php?field=Subject&searchvalue=&Category=[SQL]
http://www.example.com/search.php?field=Subject&searchvalue=[SQL]
http://www.example.com/search.php?field=[SQL]
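The six parameters listed above fall into two classes, and the distinction matters for the fix: searchvalue, Category, Status and Priority are values and can be bound through prepared statements, while field and lorder are SQL identifiers (a column name and an ORDER BY clause) that no database driver can parameterize, so they must be mapped through a fixed allow-list. The PHP below is an added illustration, not IsolSoft's code: a hypothetical reconstruction of the vulnerable query shape beside a hardened version. The table and column names, the $pdo connection, and the reading of the value "any" as "no filter" are assumptions.

```php
<?php
// Hypothetical reconstruction of a search.php handler taking the six parameters named
// in the advisory (field, searchvalue, Category, Status, Priority, lorder). Not the
// vendor's code. $pdo is assumed to be a configured PDO connection to the ticket DB;
// the table "tickets" and its column names are invented for the example.

// Vulnerable shape: every request parameter is interpolated straight into the SQL text,
// so each of the six parameters is an injection point.
function searchTicketsUnsafe(PDO $pdo, array $q): array {
    $sql = "SELECT id, subject, category, status, priority FROM tickets"
         . " WHERE {$q['field']} LIKE '%{$q['searchvalue']}%'"
         . " AND category = '{$q['Category']}' AND status = '{$q['Status']}'"
         . " AND priority = '{$q['Priority']}' ORDER BY {$q['lorder']}";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form. Identifiers cannot be bound as placeholders, so "field" and "lorder"
// are looked up in fixed allow-lists and the request value never reaches the SQL text.
// The value parameters are bound through a prepared statement.
const SEARCHABLE_FIELDS = ['Subject' => 'subject', 'Body' => 'body'];
const SORT_ORDERS       = ['date' => 'created_at DESC', 'priority' => 'priority ASC'];
const FILTER_COLUMNS    = ['Category' => 'category', 'Status' => 'status', 'Priority' => 'priority'];

function searchTicketsSafe(PDO $pdo, array $q): array {
    $column = SEARCHABLE_FIELDS[$q['field'] ?? ''] ?? null;
    $order  = SORT_ORDERS[$q['lorder'] ?? ''] ?? 'created_at DESC';
    if ($column === null) {
        throw new InvalidArgumentException('unknown search field');
    }
    $sql    = "SELECT id, subject, category, status, priority FROM tickets"
            . " WHERE $column LIKE :needle";
    $params = [':needle' => '%' . ($q['searchvalue'] ?? '') . '%'];
    foreach (FILTER_COLUMNS as $param => $col) {
        $value = $q[$param] ?? 'any';
        if ($value !== 'any') {   // assumption: "any", as in the advisory URLs, means no filter
            $sql .= " AND $col = :$param";
            $params[":$param"] = $value;
        }
    }
    $stmt = $pdo->prepare("$sql ORDER BY $order");
    $stmt->execute($params);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
```

Any unknown field or lorder value is rejected or replaced by a default rather than echoed into the query, and a request log showing a field or lorder value outside the allow-lists is a useful detection signal for this class of probe.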
Related records
CVE-2005-3838 (NVD; published 2005-11-26, modified 2011-03-08; CVSS 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P): Multiple SQL injection vulnerabilities in search.php in IsolSoft Support Center 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) lorder, (2) Priority, (3) Status, (4) Category, (5) searchvalue, and (6) field parameter.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3838
OSVDB:21102 - IsolSoft Support Center search.php Multiple Variable SQL Injection (published 2005-11-24; CVSS 7.5)
Vulnerability Description: Support Center contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the search.php script not properly sanitizing user-supplied input to the "lorder", "Priority", "Status", "Category", "searchvalue", and "field" variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.
Solution Description: Currently, there are no known upgrades, patches, or workarounds available to correct this issue.
References:
Vendor URL: http://www.isolsoft.com/
Security Tracker: 1015270
Secunia Advisory ID: 17728 (https://secuniaresearch.flexerasoftware.com/advisories/17728/)
Other Advisory URL: http://pridels.blogspot.com/2005/11/isolsoft-support-center-sql-inj.html
FrSIRT Advisory: ADV-2005-2592
CVE-2005-3838 (https://vulners.com/cve/CVE-2005-3838)
Bugtraq ID: 15570
https://vulners.com/osvdb/OSVDB:21102