PostNuke index.php catid Variable SQL Injection

2005-02-28T23:48:22
ID OSVDB:15922
Type osvdb
Reporter Maksymilian Arciemowicz(max@jestsuper.pl)
Modified 2005-02-28T23:48:22

Description

Vulnerability Description

PostNuke contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the "catid" variable in the "index.php" script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, PostNuke has released a patch to address this vulnerability.

Short Description

PostNuke contains a flaw that may allow an attacker to inject arbitrary SQL queries. The issue is due to the "catid" variable in the "index.php" script not being properly sanitized and may allow an attacker to inject or manipulate SQL queries.

Manual Testing Notes

http://[victim]/[DIR]/index.php?catid='SQLINJECTION

References:

Vendor Specific Advisory URL Security Tracker: 1013324 Related OSVDB ID: 15923 Related OSVDB ID: 15924 Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=110962819232255&w=2 CVE-2005-0615