Vulners
Lucene search
TaskFreak 0.6.2 - SQL Injection Vulnerability
| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
 | CVE-2010-1583 | 29 Apr 201000:00 | – | circl |
 | CVE-2010-1583 | 5 May 201018:00 | – | cve |
 | CVE-2010-1583 | 5 May 201018:00 | – | cvelist |
 | TaskFreak 0.6.2 - SQL Injection | 29 Apr 201000:00 | – | exploitdb |
 | EUVD-2010-1610 | 7 Oct 202500:30 | – | euvd |
 | TaskFreak 0.6.2 - SQL Injection | 29 Apr 201000:00 | – | exploitpack |
 | CVE-2010-1583 | 6 May 201012:47 | – | nvd |
 | TaskFreak! < 0.6.3 SQLi Vulnerability | 25 May 201000:00 | – | openvas |
| Task Freak 'loadByKey()' SQL Injection Vulnerability | 25 May 201000:00 | – | openvas |
 | Task Freak 0.6.2 SQL Injection | 29 Apr 201000:00 | – | packetstorm |
10
CVE-2010-1583
Vendor notified and product update released.
Details of this report are also available at
http://www.madirish.net/?article=456
Description of Vulnerability:
- ------------------------------
The Tirzen Framework (http://www.tirzen.net/tzn/) is a supporting API
developed by Tirzen (http://www.tirzen.com), an intranet and internet
solutions provider. The Tirzen Framework contains a SQL injection
vulnerability (http://www.owasp.org/index.php/SQL_Injection). This
vulnerability could allow an attacker to arbitrarily manipulate SQL strings
constructed using the library. This vulnerability manifests itself most
notably in the Task Freak (http://www.taskfreak.com/) open source task
management software. The vulnerability can be exploited to bypass
authentication and gain administrative access to the Task Freak system.
Systems affected:
- ------------------
Task Freak Multi User / mySQL v0.6.2 with Tirzen Framework 1.5 was tested
and shown to be vulnerable.
Impact
- -------
Attackers could manipulate database query strings resulting in information
disclosure, data destruction, authentication bypass, etc.
Technical discussion and proof of concept:
- -------------------------------------------
Tirzen Framework class TznDbConnection in the function loadByKey()
(tzn_mysql.php line 605) manifests a SQL injection vulnerability because it
fails to sanitize user supplied input used to compose SQL statements.
Proof of concept: any user can log into TaskFreak as the administrator
simply by using the username "1' or 1='1"
Vendor response:
- ----------------
Upgrade to the latest version of TaskFreak.
- --
Justin C. Klein Keane
http://www.MadIrish.net
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
01 Jul 2014 00:00Current
6.5Medium risk
Vulners AI Score6.5
EPSS0.00784