Enigma Haber yorum.asp hid Variable SQL Injection

2006-05-28T11:20:00
ID OSVDB:26110
Type osvdb
Reporter Mustafa Can Bjorn (nukedx@nukedx.com)
Modified 2006-05-28T11:20:00

Description

Vulnerability Description

Enigma Haber contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the yorum.asp script not properly sanitizing user-supplied input to the 'hid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Enigma Haber contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the yorum.asp script not properly sanitizing user-supplied input to the 'hid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

Manual Testing Notes

http://[target]/enigmadir/yorum.asp?hid=[SQL]

References:

Vendor URL: http://www.enigmaasp.net/
Security Tracker: 1016171
Secunia Advisory ID: 20357
Related OSVDB ID: 26112
Related OSVDB ID: 26115
Related OSVDB ID: 26116
Related OSVDB ID: 26106
Related OSVDB ID: 26107
Related OSVDB ID: 26111
Related OSVDB ID: 26118
Related OSVDB ID: 26119
Related OSVDB ID: 26108
Related OSVDB ID: 26109
Related OSVDB ID: 26113
Related OSVDB ID: 26114
Related OSVDB ID: 26117
Other Advisory URL: http://www.nukedx.com/?viewdoc=34
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-05/0638.html
FrSIRT Advisory: ADV-2006-2032
CVE-2006-2731
Bugtraq ID: 18148