Web Wiz Multiple Product check_user.asp txtUserName Variable SQL Injection

2005-12-30T08:18:25
ID OSVDB:22148
Type osvdb
Reporter DevilBox(devil_box@kapda.ir)
Modified 2005-12-30T08:18:25

Description

Vulnerability Description

Web Wiz News, Web Wiz Journal, Web Wiz Polls and Web Wiz Database Login contain a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the check_user.asp script not properly sanitizing user-supplied input to the 'txtUserName' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

Solution Description

Upgrade Web Wiz Site News to version 3.07 or higher, Web Wiz Journal to version 1.0.1 or higher, Web Wiz Polls to version 3.07 or higher, and Web Wiz Database Login to version 1.72, as these versions have been reported to fix this vulnerability. An upgrade is required, as there are no known workarounds.

References:

Vendor URL: http://www.webwizguide.info
Secunia Advisory ID: 18263
Packet Storm: http://packetstormsecurity.org/0601-advisories/sa18263.txt
Other Advisory URL: http://www.kapda.ir/advisory-167.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-12/0335.html
CVE-2005-4606