SQL Injection Vulnerability in SuperCali PHP Event Calendar

ID HTB22983
Type htbridge
Reporter High-Tech Bridge
Modified 2011-05-03T00:00:00


High-Tech Bridge SA Security Research Lab has discovered a vulnerability in SuperCali PHP Event Calendar which could be exploited to perform SQL injection attacks.

1) SQL injection vulnerability in SuperCali PHP Event Calendar
The vulnerability exists due to input sanitization errors in the "category_id" parameter in show_event.php. A remote attacker can send a specially crafted HTTP request to the vulnerable script and execute arbitrary SQL commands in the application's database. Successful exploitation may allow an attacker to read, modify, add or delete arbitrary data in the database. Successful exploitation requires that register_globals is enabled.
Exploitation example:
http://[host]/show_event.php?category_id=-1%20union%20select%20version%28%29%20--%202
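To illustrate the defect class described above, the following PHP is an added example and not code from SuperCali; it assumes a table `events` with an integer `category_id` column and a PDO connection, and shows the register_globals-dependent pattern beside a hardened version that reads the parameter explicitly, validates it as an integer and binds it in a prepared statement.

```php
<?php
// Added example (not SuperCali's code). Assumed schema: table `events`
// with an integer column `category_id`; $db is an assumed PDO connection.

// VULNERABLE PATTERN: with register_globals=On, $category_id is populated
// straight from the query string and interpolated into the SQL text, so a
// value such as "-1 union select ..." changes the structure of the query.
function vulnerable_query(PDO $db, string $category_id): array
{
    $sql = "SELECT id, title FROM events WHERE category_id = $category_id";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// HARDENED, step 1: read the parameter explicitly from $_GET (no reliance
// on register_globals) and accept only a positive integer.
function validated_category_id(array $get): ?int
{
    if (!isset($get['category_id'])) {
        return null;
    }
    $id = filter_var(
        $get['category_id'],
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    return $id === false ? null : $id;
}

// HARDENED, step 2: bind the value as an integer parameter so the database
// never parses it as SQL. Disabling emulated prepares makes the binding
// happen server-side rather than by client-side quoting.
function safe_query(PDO $db, int $category_id): array
{
    $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
    $stmt = $db->prepare('SELECT id, title FROM events WHERE category_id = :cid');
    $stmt->bindValue(':cid', $category_id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Usage sketch for a script like show_event.php:
// $id = validated_category_id($_GET);
// if ($id === null) {
//     http_response_code(400);
//     exit('invalid category_id');
// }
// $rows = safe_query($db, $id);
```

Alongside the code fix, register_globals should be set to Off in php.ini, since the advisory notes exploitation depends on it and the hardened version no longer needs it.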