portail13.txt

2005-08-14T00:00:00
ID PACKETSTORM:39295
Type packetstorm
Reporter svt.nukleon.us
Modified 2005-08-14T00:00:00

Description

                                        
svadvisory*5   
-------------------------------------------------------------   
Title: SQL injections in PortailPHP |   
The program: PortailPHP v 1.3 |   
Homepage: http://www.portailphp.com/ ------------   
Found by: CENSORED | 14.05.05 |   
-------------------------------------------------------------   
  
The description   
-------------------------------------------------------------|   
  
A vulnerability has been found in the "id" parameter. Whatever value   
is passed in this variable, it can be replaced with a ' character.   
Since this parameter is used in all modules, all of them   
are vulnerable.   
It occurs because the id parameter is not filtered.   
  
Examples   
-------------------------------------------------------------|   
  
http://example/index.php?affiche=News&id='[SQL inj]  
http://example/index.php?affiche=File&id='[SQL inj]  
http://example/index.php?affiche=Liens&id='[SQL inj]  
http://example/index.php?affiche=Faq&id='[SQL inj]  
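
Added detection example (not part of the original advisory): a scan of web access logs for index.php requests that carry an "affiche" module name and an "id" value that is not a plain integer. It assumes legitimate id values are numeric, which the advisory does not state; the log lines, function names and addresses are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line of a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation IP addresses, made-up sizes).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Aug/2005:10:00:01 +0000] "GET /index.php?affiche=News&id=12 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [14/Aug/2005:10:00:07 +0000] "GET /index.php?affiche=Faq&id=%27 HTTP/1.1" 200 311',
    '192.0.2.44 - - [14/Aug/2005:10:00:09 +0000] "GET /index.php?affiche=File&id=7\' HTTP/1.1" 500 0',
    '192.0.2.10 - - [14/Aug/2005:10:00:15 +0000] "GET /index.php?affiche=Liens HTTP/1.1" 200 2048',
    '192.0.2.10 - - [14/Aug/2005:10:00:16 +0000] "GET /style.css?id=x HTTP/1.1" 200 900',
]


def suspicious_id(request_target):
    """Return the URL-decoded id value if it is not a plain integer, else None."""
    parts = urlsplit(request_target)
    if not parts.path.lower().endswith("/index.php"):
        return None
    params = parse_qs(parts.query, keep_blank_values=True)
    if "affiche" not in params:
        return None
    # Assumption: a legitimate id is made of ASCII digits only.
    for value in params.get("id", []):
        if not re.fullmatch(r"[0-9]+", value):
            return value
    return None


def scan(lines):
    """Return (line number, client address, decoded id) for each flagged request."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        value = suspicious_id(match.group(1))
        if value is not None:
            hits.append((lineno, line.split()[0], value))
    return hits


if __name__ == "__main__":
    for lineno, client, value in scan(SAMPLE_LOG):
        print(f"line {lineno}: {client} sent id={value!r}")
```

Decoding the query string before the check catches both the raw and the percent-encoded form of the quote character.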
  
The conclusion   
-------------------------------------------------------------|   
  
The vulnerability was found in version 1.3; other versions   
were not checked. They are probably vulnerable too.   
  
*************************************************************   
  
CENSORED || Search Vulnerabilities Team || www.svt.nukleon.us   
  