DUportal Pro result.asp Multiple Variable SQL Injection

2005-04-20T07:14:21
ID OSVDB:15835
Type osvdb
Reporter Diabolic Crab(dcrab@hackerscenter.com)
Modified 2005-04-20T07:14:21

Description

Vulnerability Description

DUportal Pro contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'iChannel' and 'iData' variables in the 'result.asp' script not being properly sanitized, which may allow a remote attacker to inject or manipulate SQL queries.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

DUportal Pro contains a flaw that may allow a remote attacker to inject arbitrary SQL queries. The issue is due to the 'iChannel' and 'iData' variables in the 'result.asp' script not being properly sanitized, which may allow a remote attacker to inject or manipulate SQL queries.

Manual Testing Notes

http://[victim]/dUpro/polls/result.asp?iData=74&iCat=254&iChannel='SQL_INJECTION&nChannel=Polls
http://[victim]/dUpro/polls/result.asp?iData='SQL_INJECTION&iCat=254&iChannel=15&nChannel=Polls
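The advisory's test URLs show that 'iData', 'iCat' and 'iChannel' carry plain integers when used legitimately (74, 254, 15), so the defensive check for the flaw described above is an allow-list: reject any value for these parameters that is not a small non-negative integer before it reaches a query. The following Python is an added example, not code from the advisory, from DUware or from the reporter; it assumes the three parameters are numeric identifiers (inferred from the URLs above), and its access-log lines are constructed in common log format for illustration. It serves both the Vulnerability Description and the Manual Testing Notes: validate_params is the input check result.asp should apply, and scan_log applies the same check to web-server logs to surface requests that carry non-integer values in those parameters.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters that result.asp treats as numeric identifiers. This is an
# assumption drawn from the advisory's own test URLs (iData=74, iCat=254,
# iChannel=15); nChannel carries a name and is left alone here.
INTEGER_PARAMS = ("iData", "iCat", "iChannel")


def validate_params(query):
    """Return {name: int} for the numeric parameters present in `query`.

    Raises ValueError for a repeated parameter or for any value that is not a
    plain 1-9 digit non-negative integer. This is the allow-list check the
    script should run before the values are used to build SQL; a valid id
    can then be passed to the query as an integer parameter, not as text.
    """
    parsed = parse_qs(query, keep_blank_values=True)  # percent-decodes %27 -> '
    clean = {}
    for name in INTEGER_PARAMS:
        values = parsed.get(name)
        if values is None:
            continue
        if len(values) != 1:
            raise ValueError(f"{name}: repeated parameter")
        value = values[0].strip()
        if not re.fullmatch(r"\d{1,9}", value):
            raise ValueError(f"{name}: non-integer value {value!r}")
        clean[name] = int(value)
    return clean


def is_suspicious_request(target):
    """True when a request for result.asp carries a non-integer value in a
    parameter that should only ever hold an integer id."""
    parts = urlsplit(target)  # accepts a full URL or a path?query target
    if not parts.path.lower().endswith("/result.asp"):
        return False
    try:
        validate_params(parts.query)
    except ValueError:
        return True
    return False


# Constructed sample access-log lines in common log format (not taken from
# the advisory). Lines 2 and 3 reproduce the shape of the advisory's test URLs.
SAMPLE_LOG = """\
10.0.0.5 - - [20/Apr/2005:07:14:21 +0000] "GET /dUpro/polls/result.asp?iData=74&iCat=254&iChannel=15&nChannel=Polls HTTP/1.1" 200 2311
10.0.0.9 - - [20/Apr/2005:07:15:02 +0000] "GET /dUpro/polls/result.asp?iData=74&iCat=254&iChannel='SQL_INJECTION&nChannel=Polls HTTP/1.1" 500 412
10.0.0.9 - - [20/Apr/2005:07:15:09 +0000] "GET /dUpro/polls/result.asp?iData=%27SQL_INJECTION&iCat=254&iChannel=15&nChannel=Polls HTTP/1.1" 500 412
10.0.0.7 - - [20/Apr/2005:07:16:30 +0000] "GET /dUpro/index.asp HTTP/1.1" 200 9801
"""

# Minimal common-log-format parser: client IP, timestamp, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def scan_log(text):
    """Return (ip, timestamp, target) for every log line whose request to
    result.asp fails the integer allow-list check."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        if is_suspicious_request(m.group("target")):
            hits.append((m.group("ip"), m.group("ts"), m.group("target")))
    return hits


if __name__ == "__main__":
    for ip, ts, target in scan_log(SAMPLE_LOG):
        print(f"{ts} {ip} {target}")
```

Because parse_qs percent-decodes values, the check catches both a literal quote and its %27 encoding, and because the rule is an allow-list rather than a quote blacklist it also rejects values such as `15 OR 1=1` that contain no quote at all. Percent-encoding aside, log escaping varies by server, so the regular expression may need adjusting for a given log format.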

References:

Vendor URL: http://www.duware.com/
Secunia Advisory ID: 15031
Related OSVDB ID: 15834
Related OSVDB ID: 15837
Related OSVDB ID: 15833
Related OSVDB ID: 15832
Related OSVDB ID: 15836
Other Advisory URL: http://digitalparadox.org/advisories/duppro.txt
ISS X-Force ID: 20197
CVE ID: CVE-2005-1224
Bugtraq ID: 13285