Ublog Reload blog_comment.asp y Variable SQL Injection
2005-06-19T06:55:44
ID: OSVDB:17386
Type: osvdb
Reporter: Dedi Dwianto (the_day@echo.or.id)
Modified: 2005-06-19T06:55:44
Description
Vulnerability Description
Ublog Reload contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'blog_comment.asp' script not properly sanitizing user-supplied input to the 'y' (year) query-string variable before using it in a database query. A remote, unauthenticated attacker can therefore inject or manipulate SQL queries executed against the backend database.
Solution Description
No workaround or upgraded release is known to correct this issue; however, Uapplication has released a patch to address this vulnerability (see the Vendor Specific Solution URL below).
Short Description
Ublog Reload contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'blog_comment.asp' script not properly sanitizing user-supplied input to the 'y' variable. This may allow a remote attacker to inject or manipulate SQL queries in the backend database.
Vendor URL: http://www.uapplication.com/
Vendor Specific Solution URL: http://www.uapplication.com/news_details.asp?id=8
Security Tracker: 1014245
Secunia Advisory ID: 15747
Related OSVDB ID: 17387
Related OSVDB ID: 17385
Other Advisory URL: http://echo.or.id/adv/adv18-theday-2005.txt
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-06/0153.html
CVE-2005-2009
Bugtraq ID: 13991
Manual Testing Notes
http://[target]/UblogReload/blog_comment.asp?bi=71&m=6&y=[year][SQL Inject]&d=&s=category
Affected Software: Ublog Reload 1.0.5
CVSS: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Related Entries
CVE-2005-2009 (NVD, published 2005-06-20): "Multiple SQL injection vulnerabilities in Ublog Reload 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) ci, (2) d, or (3) m parameter to index.asp, or the (4) bi parameter to blog_comment.asp." CVSS 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P). Note that the NVD text attributes the blog_comment.asp issue to the 'bi' parameter, whereas this entry and the Exploit-DB proof of concept place the injection in 'y' (with bi=71 as a fixed value); when verifying a fix, test both parameters.

Exploit-DB EDB-ID:25843, "Ublog Reload 1.0.5 index.asp Multiple Parameter SQL Injection" (2005-06-20, source: http://www.securityfocus.com/bid/13991/info): Ublog Reload is prone to multiple SQL injection vulnerabilities due to a failure to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. Proof-of-concept URLs:
http://www.example.com/UblogReload/index.asp?ci='62&s=category
http://www.example.com/UblogReload/index.asp?d=11'&m=6&y=2005&s=day
http://www.example.com/UblogReload/index.asp?m=6'&y=2005&s=month

Exploit-DB EDB-ID:25844, "Ublog Reload 1.0.5 blog_comment.asp y Parameter SQL Injection" (2005-06-20, same source). Proof-of-concept URL:
http://www.example.com/UblogReload/blog_comment.asp?bi=71&m=6&y=2005'&d=&s=category

OSVDB:17385, "Ublog Reload index.asp Multiple Variable SQL Injection" (2005-06-19): Ublog Reload contains a flaw that may allow a remote attacker to carry out an SQL injection attack. The issue is due to the 'index.asp' script not properly sanitizing user-supplied input to the 'ci', 'd' and 'm' variables. This may allow a remote attacker to inject or manipulate SQL queries in the backend database. Same solution and references as this entry, plus ISS X-Force ID: 21024. Manual testing notes:
http://[target]/UblogReload/index.asp?ci=[SQL INJECT][id]&s=category
http://[target]/UblogReload/index.asp?d=[id][SQL Inject]&m=[month]&y=[year]&s=day
http://[target]/UblogReload/index.asp?m=[month][SQL Inject]&y=[year]&s=month
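The advisory and proof-of-concept URLs above describe the flaw only at the HTTP level. The following is an added example, not code from Ublog Reload or from Uapplication: it re-creates the flaw class in miniature (a query built by concatenating the 'y' year parameter, as the blog_comment.asp and index.asp entries describe) next to a hardened form, and runs the advisory's own probe (a trailing quote in y=2005') plus one constructed boolean payload against both. The table, its rows, the query shape and the `OR 1=1` payload are all constructed for the demo; the real application's SQL is not on the page.

```python
"""Added example (not Ublog Reload's code): concatenated vs. parameterised
lookup for the blog_comment.asp-style parameters bi, m and y.
The schema, rows and query text are constructed for this demo."""
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample data standing in for the blog's post table.
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE blog (bi INTEGER, m INTEGER, y INTEGER, title TEXT)")
    con.executemany(
        "INSERT INTO blog VALUES (?, ?, ?, ?)",
        [
            (71, 6, 2005, "June 2005 post"),
            (72, 6, 2004, "June 2004 post"),
            (73, 7, 2005, "July 2005 post"),
        ],
    )
    return con


def vulnerable_lookup(con: sqlite3.Connection, bi: str, m: str, y: str) -> list:
    # The pattern the advisory describes: raw query-string values are pasted
    # into the SQL text, so a quote or boolean in 'y' rewrites the statement.
    sql = f"SELECT bi, title FROM blog WHERE bi={bi} AND m={m} AND y={y}"
    return con.execute(sql).fetchall()


def hardened_lookup(con: sqlite3.Connection, bi: str, m: str, y: str) -> list:
    # Fix: enforce the integer type of each parameter, then bind it, so the
    # value is data to the database engine and is never parsed as SQL.
    params = []
    for name, value in (("bi", bi), ("m", m), ("y", y)):
        if not value.isdigit():
            raise ValueError(f"parameter {name!r} must be an integer")
        params.append(int(value))
    sql = "SELECT bi, title FROM blog WHERE bi=? AND m=? AND y=?"
    return con.execute(sql, params).fetchall()


def demo() -> dict:
    """Run the advisory's probe and a constructed payload against both forms."""
    con = make_db()
    out = {}
    out["normal"] = vulnerable_lookup(con, "71", "6", "2005")

    # The page's probe: y=2005'  -> unterminated literal, the query errors out,
    # which is the observable signal the manual testing notes rely on.
    try:
        vulnerable_lookup(con, "71", "6", "2005'")
        out["quote_probe_error"] = False
    except sqlite3.OperationalError:
        out["quote_probe_error"] = True

    # Constructed payload (not from the page): a boolean tail widens the WHERE
    # clause to every row, i.e. the query is "manipulated", not just broken.
    out["manipulated"] = vulnerable_lookup(con, "71", "6", "2005 OR 1=1")

    # Hardened form: the same payload is rejected before any SQL is built,
    # and the legitimate request still works.
    try:
        hardened_lookup(con, "71", "6", "2005 OR 1=1")
        out["hardened_rejects"] = False
    except ValueError:
        out["hardened_rejects"] = True
    out["hardened_normal"] = hardened_lookup(con, "71", "6", "2005")
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

On the real target the failing probe would surface as an ADO/ODBC error page rather than a Python exception, which is why the proof-of-concept URLs only append a single quote: an error response is enough to confirm the parameter reaches the query unquoted. The hardened form applies equally to the index.asp parameters ci, d and m, which are also numeric selectors.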