NetClassifieds all versions SQL inj. vuln

2005-12-02T00:00:00
ID SECURITYVULNS:DOC:10477
Type securityvulns
Reporter Securityvulns
Modified 2005-12-02T00:00:00

Description

NetClassifieds all versions SQL inj. vuln
Vuln. discovered by: r0t
Date: 1 Dec. 2005
Original advisory: http://pridels.blogspot.com/2005/12/netclassifieds-all-versions-sql-inj.html
Vendor: http://scriptdevelopers.net/
Affected versions:
NetClassifieds Premium Edition 1.0.1
NetClassifieds Professional Edition 1.5.1
NetClassifieds Standard Edition 1.9.6.3
NetClassifieds Free Edition 1.0.1

Vuln. Description:

Input passed to the "CatID" parameter in "ViewCat.php" and "gallery.php", and to the "ItemNum" parameter in "ViewItem.php", isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Examples:
/ViewCat.php?CatID=[SQL]
/gallery.php?CatID=[SQL]
/ViewItem.php?ItemNum=[SQL]

Solution:

Edit the source code to ensure that input is properly sanitised.
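The advisory's solution in concrete terms, as an added example that is not NetClassifieds' code: a hypothetical ViewCat.php-style category lookup written the vulnerable way (parameter spliced into the SQL text) beside a hardened version that validates CatID as the integer it is meant to be and binds it in a prepared statement. Table and column names are assumed, and the hostile input is constructed for the demonstration.

```php
<?php
// Added example, not NetClassifieds' own code. Schema and names are hypothetical;
// an in-memory SQLite database stands in for the application's database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE categories (CatID INTEGER PRIMARY KEY, Name TEXT, Hidden INTEGER)');
$db->exec("INSERT INTO categories VALUES (1,'Cars',0),(2,'Boats',0),(3,'Staff only',1)");

// Vulnerable pattern described by the advisory: the request parameter becomes
// part of the SQL text, so the client controls the query's structure.
function viewCatVulnerable(PDO $db, string $catId): array {
    $sql = "SELECT CatID, Name FROM categories WHERE Hidden = 0 AND CatID = " . $catId;
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: reject anything that is not a positive integer, then bind the value
// as a parameter so it can only ever be compared, never parsed as SQL.
function viewCatSafe(PDO $db, string $catId): array {
    $id = filter_var($catId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        // Log and refuse rather than trying to "clean" the value in place.
        error_log('ViewCat: rejected non-integer CatID: ' . substr($catId, 0, 64));
        return [];
    }
    $stmt = $db->prepare('SELECT CatID, Name FROM categories WHERE Hidden = 0 AND CatID = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$benign  = '2';
$hostile = '2 OR 1=1';   // constructed input of the kind the advisory's [SQL] placeholder denotes

// The vulnerable version returns every row (including the hidden one) for the
// hostile input; the hardened version returns nothing and logs the rejection.
printf("vulnerable, benign:  %d row(s)\n", count(viewCatVulnerable($db, $benign)));
printf("vulnerable, hostile: %d row(s)\n", count(viewCatVulnerable($db, $hostile)));
printf("safe, benign:        %d row(s)\n", count(viewCatSafe($db, $benign)));
printf("safe, hostile:       %d row(s)\n", count(viewCatSafe($db, $hostile)));
```

The same two changes (integer validation plus a bound parameter) apply to ItemNum in ViewItem.php and CatID in gallery.php; the rejection log line gives a detection hook for probing attempts.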