Omnistar Live "id" and "category_id" SQL inj.

2005-11-23T00:00:00
ID SECURITYVULNS:DOC:10314
Type securityvulns
Reporter Securityvulns
Modified 2005-11-23T00:00:00

Description

Omnistar Live "id" and "category_id" SQL injection

Vuln. discovered by: r0t
Date: 23 Nov 2005
Original advisory: http://pridels.blogspot.com/2005/11/omnistar-live-id-and-categoryid-sql.html
Affected product version: Omnistar Live 5.2 and prior
Product site: http://www.omnistarlive.com

Vuln. Description: Input passed to the "id" and "category_id" parameters of "kb.php" is not properly sanitised before being used in a SQL query. A request in which either value carries SQL rather than a plain numeric identifier therefore changes the query kb.php runs, and this can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Example (where [SQL] stands for the injected SQL code):
/kb.php?id=10006&category_id=[SQL]
/kb.php?id=[SQL]
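Both affected parameters carry numeric identifiers in the normal request, so a simple check for a site running this version is to scan the web server access log for kb.php requests whose "id" or "category_id" is anything other than a decimal number. The script below is an added example written for this page, not code from the advisory or from Omnistar; it assumes the server writes combined log format, and the log lines it runs over are constructed, not real traffic.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed web-server log lines in combined log format (not real traffic).
# Lines 2 and 3 carry non-numeric values in the parameters named in the
# advisory; line 4 hits a different script and must not be flagged.
SAMPLE_LOG = """\
203.0.113.5 - - [23/Nov/2005:10:01:02 +0000] "GET /kb.php?id=10006&category_id=1 HTTP/1.1" 200 5120 "-" "Mozilla/4.0"
203.0.113.5 - - [23/Nov/2005:10:01:09 +0000] "GET /kb.php?id=10006&category_id=1%20OR%201%3D1-- HTTP/1.1" 200 19844 "-" "Mozilla/4.0"
198.51.100.7 - - [23/Nov/2005:10:02:30 +0000] "GET /kb.php?id=10006%27 HTTP/1.1" 500 312 "-" "curl/7.15"
198.51.100.7 - - [23/Nov/2005:10:02:41 +0000] "GET /index.php?id=1%27 HTTP/1.1" 200 2048 "-" "curl/7.15"
"""

# Combined log format: client, ident, user, [timestamp], "METHOD target proto", status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# The two parameters named in the advisory; both are numeric identifiers.
WATCHED_PARAMS = ("id", "category_id")
NUMERIC = re.compile(r"^[0-9]+$")


def suspicious_kb_requests(log_text):
    """Return (line_no, client_ip, status, param, decoded_value) for every
    kb.php request whose id or category_id is not a plain decimal number."""
    findings = []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-log line; skip rather than guess
        url = urlsplit(m.group("target"))
        if not url.path.lower().endswith("/kb.php"):
            continue  # only the script the advisory names
        # parse_qs percent-decodes values, so "1%20OR%201%3D1--" becomes "1 OR 1=1--"
        params = parse_qs(url.query, keep_blank_values=True)
        for name in WATCHED_PARAMS:
            for value in params.get(name, []):
                if not NUMERIC.match(value):
                    findings.append(
                        (line_no, m.group("ip"), int(m.group("status")), name, value)
                    )
    return findings


if __name__ == "__main__":
    for line_no, ip, status, name, value in suspicious_kb_requests(SAMPLE_LOG):
        print(f"line {line_no}: {ip} status={status} {name}={value!r}")
```

The match is deliberately strict (anything non-numeric is reported) because a legitimate kb.php request never needs letters, quotes or spaces in these two parameters; a 500 response next to such a value, as on the constructed third line, is the pattern to look at first.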

Solution: Edit the source code to ensure that input is properly sanitised, for example by casting "id" and "category_id" to integers before use, or by passing them to the query as bound parameters instead of interpolating them into the SQL string. The advisory references no vendor patch.
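To make the description and the solution above concrete, here is an added example (written for this page, not code from the advisory, from r0t or from Omnistar) that reproduces the flaw against a small in-memory SQLite table and shows the hardened form next to it. The table, column names and query text are assumptions standing in for whatever kb.php actually runs; the advisory gives none of them.

```python
import sqlite3

# Constructed sample data standing in for the knowledge-base table behind
# kb.php. The real table, column names and query text are not given in the
# advisory; everything below is an assumption used only to show the mechanics.
SAMPLE_ROWS = [
    (10006, 1, "Password reset", "public"),
    (10007, 1, "Billing FAQ", "public"),
    (10008, 2, "Internal escalation procedure", "private"),
]

# Payload in the spirit of the advisory's "category_id=[SQL]" example: the
# injected OR short-circuits the WHERE clause and "--" comments out the rest.
INJECTED_CATEGORY_ID = "1 OR 1=1 --"


def make_db():
    """Build an in-memory SQLite database holding the constructed rows."""
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE kb_articles ("
        "id INTEGER, category_id INTEGER, title TEXT, visibility TEXT)"
    )
    con.executemany("INSERT INTO kb_articles VALUES (?, ?, ?, ?)", SAMPLE_ROWS)
    return con


def lookup_vulnerable(con, article_id, category_id):
    """The flaw the advisory describes: request parameters are interpolated
    straight into the SQL text, so any SQL they carry becomes part of the query."""
    sql = (
        "SELECT id, title FROM kb_articles WHERE id = %s AND category_id = %s "
        "AND visibility = 'public'" % (article_id, category_id)
    )
    return con.execute(sql).fetchall()


def lookup_fixed(con, article_id, category_id):
    """Hardened form: both parameters are numeric identifiers, so reject anything
    that is not an integer, then bind the values instead of interpolating them."""
    try:
        article_id = int(article_id)
        category_id = int(category_id)
    except (TypeError, ValueError):
        raise ValueError("id and category_id must be integers")
    sql = (
        "SELECT id, title FROM kb_articles WHERE id = ? AND category_id = ? "
        "AND visibility = 'public'"
    )
    return con.execute(sql, (article_id, category_id)).fetchall()


def rejects_input(con, article_id, category_id):
    """True if the hardened lookup refuses the given parameter pair."""
    try:
        lookup_fixed(con, article_id, category_id)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    con = make_db()
    print("normal:   ", lookup_vulnerable(con, "10006", "1"))
    # The injected value drops the visibility filter and returns every row,
    # including the private one.
    print("injected: ", lookup_vulnerable(con, "10006", INJECTED_CATEGORY_ID))
    print("fixed:    ", lookup_fixed(con, "10006", "1"))
    print("fixed rejects injection:", rejects_input(con, "10006", INJECTED_CATEGORY_ID))
```

The integer cast is the cheapest fix for these two parameters because they are never legitimately anything else; binding the values as query parameters is the general fix and also covers string parameters elsewhere in the application, where a cast would not apply.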

greetings to : RaZbh,der4444,fredrau,waraxe,g0df4th3r,cembo!!!