SQL Injection Vulnerability in Shutter

ID HTB22967
Type htbridge
Reporter High-Tech Bridge
Modified 2011-04-19T00:00:00


High-Tech Bridge SA Security Research Lab has discovered vulnerability in Shutter which could be exploited to perform SQL injection attacks.

1) SQL injection vulnerability in Shutter
The vulnerability exists due to input sanitation errors in the "albumID" parameter in index.html. A remote attacker can send a specially crafted HTTP request to the vulnerable script and execute arbitrary SQL commands in application`s database. Successful exploitation may allow an attacker to read, modify, add or delete arbitrary data in the database.
Exploitation examples:
http://[host]/index.html?a=rss.xml&albumID=1%2B99%20union%20select%20%20vers ion%28%29