Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

wsportal-sql.txt

🗓️ 19 Jun 2007 00:00:00Reported by Jesper JurcenoksType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 30 Views

WSPortal version 1.0 SQL Injection Vulnerability in PHP/MySQL site management syste

Show more
Related
Code
ReporterTitlePublishedViews
Family
NVD		CVE-2007-3128
19 Jun 200717:30
nvd
securityvulns		[Full-disclosure] WSPortal version 1.0 SQL Injection Vulnerability
18 Jun 200700:00
securityvulns
securityvulns		Calendarix version 0.7. 20070307 Multiple SQL Injection Vulnerabilities
26 Jun 200700:00
securityvulns
securityvulns		Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
18 Jun 200700:00
securityvulns
Cvelist		CVE-2007-3128
19 Jun 200717:00
cvelist
CVE		CVE-2007-3128
19 Jun 200717:30
cve
Prion		Sql injection
19 Jun 200717:30
prion
`netVigilance Security Advisory #33  
WSPortal version 1.0 SQL Injection Vulnerability   
Description:  
WSPortal is a site management system coded in PHP/MySQL. It is capable of adding pages, adding news to pages, adding images to news articles, alerting the  
site or a specific ip address, private messaging system between administrators.  
Successful exploitation requires PHP magic_quotes_gpc set to Off.  
Advisory URL:   
http://www.netvigilance.com/advisory0033  
External References:   
Mitre CVE: CVE-2007-3128  
NVD NIST: CVE-2007-3128  
OSVDB: 34164  
Summary:   
WSPortal is a site management system coded in PHP/MySQL.   
A security problem in the product allows attackers to commit SQL injection.  
Release Date:  
06/17/2007  
  
Severity:  
Risk: High  
  
CVSS Metrics  
Access Vector: Remote  
Access Complexity: High  
Authentication: Not-required  
Confidentiality Impact: Complete  
Integrity Impact: Partial  
Availability Impact: Partial  
Impact Bias: Confidentiality  
CVSS Base Score: 6.8  
  
Target Distribution on Internet: Low  
  
Exploitability: Functional Exploit  
Remediation Level: Workaround  
Report Confidence: Uncorroborated  
  
Vulnerability Impact: Attack  
Host Impact: SQL Injection.  
SecureScout Testcase ID:  
TC 17963  
Vulnerable Systems:  
WSPortal version 1.0  
Vulnerability Type:  
SQL injection allows malicious people to execute their own SQL scripts. This could be exploited to obtain sensitive data, modify database contents,  
sending anonymous emails to other recipients or acquire administrator's privileges.  
Vendor:  
Chris Harvey  
Vendor Status:  
The Vendor has been notified several times on many different email addresses last on 6 June 2007. The Vendor has not responded. There is no official fix  
at the release of this Security Advisory.  
Workaround:  
In the php.ini file set magic_quotes_gpc = On.  
Example:   
REQUEST:  
http://[TARGET]/[WSPORTAL-DIRECTORY]/content.php?page=0' UNION SELECT `username`,`password` FROM `users` WHERE '1  
REPLY:  
<legend><b><font color="#FF0000"> [SQL INJECTION RESULT: ADMIN NAME] </font></b>  
</legend> [SQL INJECTION RESULT: ADMIN PASSWORD] </fieldset></font>  
Credits:   
Jesper Jurcenoks  
Co-founder netVigilance, Inc  
www.netvigilance.com  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
19 Jun 2007 00:00Current
6.7Medium risk
Vulners AI Score6.7
EPSS0.0072
wsportalsql injectionphp/mysqlsecurity advisoryremote accesshigh riskcve-2007-3128vulnerability impactworkaround
30
.json
Report