ReviewPost PHP showproduct.php SQL Injection

2004-02-04T07:20:40
ID OSVDB:3817
Type osvdb
Reporter OSVDB
Modified 2004-02-04T07:20:40

Description

Vulnerability Description

ReviewPost PHP contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the "product" variable in the "showproduct.php" module is not verified properly and will allow an attacker to inject or manipulate SQL queries.

Solution Description

Currently, there are no known workarounds to correct this issue. However, All Enthusiast has released a patch to address this vulnerability.

Short Description

ReviewPost PHP contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the "product" variable in the "showproduct.php" module is not verified properly and will allow an attacker to inject or manipulate SQL queries.

Manual Testing Notes

http://address/directory/showproduct.php?product=[query]

References:

Vendor URL: http://www.reviewpost.com/indexpro.html Vendor URL: http://www.photopost.com/ Vendor Specific Advisory URL Secunia Advisory ID:10786 Other Advisory URL: http://www.zone-h.org/en/advisories/read/id=3864/ ISS X-Force ID: 15035 CVE-2004-2175 Bugtraq ID: 9574