koobi-cms423.txt

2005-06-24T00:00:00
ID PACKETSTORM:38275
Type packetstorm
Reporter security-tmp.net.ru
Modified 2005-06-24T00:00:00

Description

                                        
                                            `  
  
SQL-injections in koobi-cms 4.2.3   
_____________________________________________________________   
The program: koobi-cms   
Homepage: http://www.dream4.de/   
Vulnerable Versions: 4.2.3   
Has found: CENSORED [SVT] 28.04.05   
_____________________________________________________________   
  
  
The description   
---------------   
  
Vulnerability has been found in parameter page. In koobi-cms it   
Refers to - p. Data transferred to this parameter not   
Are filtered. Owing to it it is possible to make SQL-injections.   
As at substitution of a symbol ', probably to define   
House dir a server.   
  
Still the mistake exists in parameter q. It is used for   
Search on a site.  
  
Examples   
--------  
  
http://127.0.0.1/index.php?p='[SQL code]   
http://127.0.0.1/index.php?area=1&p='[SQL code]   
http://127.0.0.1/index.php?q='[SQL code]   
  
  
The conclusion   
--------------   
  
Vulnerability is found out in version 4.2.3, on other versions   
Research did not spend. Probably they too are vulnerable.   
-------------------------------------------------------------   
  
CENSORED Search Vulnerabilities Team   
www.security-tmp.net.ru   
  
`