phpWebThings forum.php Multiple Variable SQL Injection

2005-12-11T00:00:00
ID OSVDB:21651
Type osvdb
Reporter Alex Aiken(php-checker@glide.stanford.edu), Yichen Xie(php-checker@glide.stanford.edu)
Modified 2005-12-11T00:00:00

Description

Vulnerability Description

phpWebThings contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the forum.php script not properly sanitizing user-supplied input to the 'direction', 'msg', 'sforum', 'reason', 'subname' and 'toforum' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.
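To make the advisory's point concrete, the following is an added illustration (not phpWebThings code) contrasting the unsafe pattern it describes, request values concatenated straight into SQL, with a hardened version using bound parameters and an allowlist. The table and column names, and the assumption that 'direction' is a sort direction and 'sforum' a numeric forum id, are illustrative only.

```php
// Added illustration, not phpWebThings code. Table/column names and the
// meaning of each parameter are assumptions made for the example.

// Unsafe pattern: the listed request parameters reach the query as raw text,
// so quotes or keywords in the input change the statement's structure.
function fetchPostsUnsafe(mysqli $db, array $get): mysqli_result|false
{
    $sql = "SELECT id, subject, body FROM forum_posts"
         . " WHERE forum_id = " . $get['sforum']
         . " ORDER BY posted " . $get['direction'];
    return $db->query($sql);   // 'sforum' and 'direction' are injectable here
}

// Hardened version: values are bound, keywords are allowlisted.
function fetchPostsSafe(PDO $db, array $get): array
{
    // 'direction' lands in ORDER BY, which cannot be a bound parameter,
    // so it is reduced to one of the two legal keywords.
    $direction = ($get['direction'] ?? 'ASC') === 'DESC' ? 'DESC' : 'ASC';

    // Numeric ids are validated before use; filter_var returns false on junk.
    $forumId = filter_var($get['sforum'] ?? null, FILTER_VALIDATE_INT);
    if ($forumId === false) {
        throw new InvalidArgumentException('sforum must be an integer');
    }

    $stmt = $db->prepare(
        "SELECT id, subject, body FROM forum_posts"
        . " WHERE forum_id = :forum ORDER BY posted $direction"
    );
    $stmt->bindValue(':forum', $forumId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Free-text fields such as 'msg', 'reason' and 'subname' take the same
// treatment: bind them with PDO::PARAM_STR and never interpolate, so the
// database sees the value purely as data whatever characters it contains.
```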

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, phpWebThings has released a patch to address this vulnerability.

Short Description

phpWebThings contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the forum.php script not properly sanitizing user-supplied input to the 'direction', 'msg', 'sforum', 'reason', 'subname' and 'toforum' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.

References:

Vendor URL: http://www.phpwebthings.org/
Vendor Specific Solution URL: http://www.ojvweb.nl/download.php?download=64
Secunia Advisory ID: 18011
Related OSVDB IDs: 21650, 21652, 21653, 21654, 21655, 21656
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-12/0126.html
Keyword: PHP-CHECKER