ATutor AContent 1.1 SQL Injection

`  
AContent 1.1 Multiple SQL Injection Vulnerabilities  
  
  
Vendor: ATutor (Inclusive Design Institute)  
Product web page: http://www.atutor.ca  
Affected version: 1.1 (build r296)  
  
Summary: AContent is an open source learning content authoring system  
and respository used to create interoperable, accessible, adaptive  
Web-based learning content. It can be used along with learning management  
systems to develop, share, and archive learning materials.  
  
Desc: Input passed via multiple parameters in multiple scripts is not  
properly sanitised before being used in SQL queries. This can be exploited  
to manipulate SQL queries by injecting arbitrary SQL code.  
  
Tested on: Microsoft Windows XP Professional SP3 (EN)  
Apache 2.2.14 (Win32)  
PHP 5.3.1  
MySQL 5.1.41  
  
  
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic  
liquidworm gmail com  
Zero Science Lab  
  
  
Advisory ID: ZSL-2011-5031  
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5031.php  
  
  
  
31.07.2011  
  
--  
  
  
  
Vulnerable scripts:  
  
1. /documentation/search.php  
2. /home/search.php  
3. /search.php  
4. /user/index_inline_editor_submit.php  
5. /user/user_group_inline_editor_submit.php  
6. /updater/myown_patches_inline_editor_submit.php  
7. /updater/patch_creator.php  
8. /updater/patch_edit.php  
9. /tests/import_test.php  
10. /tests/question_import.php  
11. /oauth/authorization.php  
12. /oauth/register_consumer.php  
13. /language/index_inline_editor_submit.php  
14. /home/ims/ims_import.php  
  
  
Vulnerable parameters:  
  
1. query  
2. search_text  
3. id  
4. _course_id  
5. description  
6. create  
7. system_patch_id  
8. oauth_token  
9. myown_patch_id  
...  
  
  
-------------------------------------------------  
  
  
http://localhost/home/search.php?search_text=1[SQLi]&search=Search  
http://localhost/documentation/search.php?p=home&query=1[SQLi]&search=Search  
`