PhotoPost Classifieds comments.php cedit Parameter SQL Injection

2005-01-01T06:21:32
ID OSVDB:12736
Type osvdb
Reporter James Bercegay()
Modified 2005-01-01T06:21:32

Description

Vulnerability Description

PhotoPost Classifieds contains a flaw that will allow a remote attacker to inject arbitrary SQL code. The problem is that the 'cedit' parameter in the 'comments.php' script is not verified properly and will allow an attacker to inject or manipulate SQL queries.

Solution Description

Upgrade to version 2.02 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

PhotoPost Classifieds contains a flaw that will allow a remote attacker to inject arbitrary SQL code. The problem is that the 'cedit' parameter in the 'comments.php' script is not verified properly and will allow an attacker to inject or manipulate SQL queries.

Manual Testing Notes

http://[victim]/comments.php?product=[INT]&cedit=[INT][SQL]

References:

Vendor URL: http://www.photopost.com/class/ Security Tracker: 1012764 Secunia Advisory ID:13699 Related OSVDB ID: 12728 Related OSVDB ID: 12737 Related OSVDB ID: 12729 Related OSVDB ID: 12731 Related OSVDB ID: 12732 Related OSVDB ID: 12730 Related OSVDB ID: 12735 Related OSVDB ID: 12733 Related OSVDB ID: 12734 Other Advisory URL: http://www.gulftech.org/?node=research&article_id=00061-01012005 ISS X-Force ID: 18736 Bugtraq ID: 12156