Lucene search
K

Piwigo 2.0.0 SQL Injection

🗓️ 17 Aug 2009 00:00:00Reported by senseofsecurity.com.auType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 36 Views

Piwigo 2.0.0 SQL Injection vulnerability in comments.php allows remote attackers to manipulate data without authentication

Code
`Piwigo SQL Injection Vulnerability - Security Advisory - SOS-09-007  
  
Release Date. 17-Aug-2009  
Last Update. -  
Vendor Notification Date. 15-Jun-2009  
Product. Piwigo  
Platform. Independent  
Affected versions. 2.0.0 (verified), possibly others  
Severity Rating. Medium  
Impact. Manipulation of data  
Attack Vector. Remote without authentication  
Solution Status. Upgrade to 2.0.3  
CVE reference. Not yet assigned  
  
Details.  
  
Piwigo is a photo gallery application written in PHP. The application   
suffers from a SQL injection vulnerability in comments.php, as it fails to   
validate data supplied in the "items_number" variable before being used in   
an SQL query.  
  
SQL injection attacks can give an attacker access to backend database   
contents, the ability to remotely execute system commands, or in some   
circumstances the means to take control of the operating system hosting the   
database.  
  
  
  
Proof of Concept.  
  
/piwigo-2.0.0/comments.php?items_number=1'"  
  
  
  
Solution.  
  
Upgrade to version 2.0.3.  
  
  
  
Discovered by.  
  
SOS Labs.  
  
  
  
About us.  
  
Sense of Security is a leading provider of information security and risk   
management solutions. Our team has expert skills in assessment and   
assurance, strategy and architecture, and deployment through to ongoing   
management. We are Australia's premier penetration testing firm and trusted   
IT security advisor to many of the countries largest organisations.  
  
Sense of Security Pty Ltd  
  
Level 3, 66 King St  
Sydney NSW 2000  
AUSTRALIA  
  
  
T: +61 (0)2 9290 4444  
F: +61 (0)2 9290 4455  
W: http://www.senseofsecurity.com.au  
E: [email protected]  
Twitter: ITsecurityAU (advisories are released here first)  
  
  
  
The latest version of this advisory can be found at:  
  
http://www.senseofsecurity.com.au/advisories/SOS-09-007.pdf  
  
  
  
Other Sense of Security advisories can be found at:  
  
http://www.senseofsecurity.com.au/research/it-security-advisories.php  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation