Omnistar Document Manager v8.0 - Multiple Vulnerabilities

2012-10-02T00:00:00
ID VULNERLAB:712
Type vulnerlab
Reporter Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (bkm@vulnerability-lab.com)
Modified 2012-10-02T00:00:00

Description

1.1 Multiple SQL injection vulnerabilities were detected in the Omnistardrives Omnistar Document Manager v8.0 web application. A SQL injection vulnerability allows a remote attacker to inject their own SQL commands/statements into the affected application's DBMS. The vulnerabilities were detected in the user portal and the admin section of the application. They can be exploited by remote attackers without a privileged application user or admin account. The SQL bugs are located in the index.php file, bound to the vulnerable report_id, delete_id, add_id, return_to, interface, page & sort_order parameter requests. Successful exploitation of the vulnerabilities results in compromise and manipulation of the application DBMS via SQL injection.

Vulnerable Section(s): [+] /user [+] /admin

Vulnerable Module(s): [+] index.php

Vulnerable Parameter(s): [+] report&id= [+] sort_order [+] delete&id= [+] page= [+] interface=
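The common root cause behind parameters such as report_id, page and sort_order reaching the DBMS is a query string assembled from raw request input. The following is an added illustration, not Omnistar's code and not taken from this advisory: a hypothetical index.php fragment in the vulnerable style beside a remediated version that binds values through PDO prepared statements and maps the ORDER BY direction onto an allowlist, since a sort keyword cannot be bound as a placeholder. The table and column names are assumptions.

```php
<?php
// Added illustration (not Omnistar code): how request parameters such as
// report_id and sort_order reach the DBMS, and one way to remediate it.
// Table and column names are assumed for the example.

// --- Vulnerable pattern: request values concatenated straight into SQL ---
function fetchReportVulnerable(PDO $db, array $get): array
{
    $reportId  = $get['report_id'] ?? '';
    $sortOrder = $get['sort_order'] ?? 'ASC';
    // Both values are attacker-controlled and are neither validated nor bound.
    $sql = "SELECT * FROM reports WHERE id = " . $reportId
         . " ORDER BY created " . $sortOrder;
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// --- Remediated pattern ---
function fetchReportSafe(PDO $db, array $get): array
{
    // 1. Values: enforce the expected type, then bind via a prepared statement.
    $reportId = filter_var($get['report_id'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    if ($reportId === false) {
        throw new InvalidArgumentException('report_id must be a positive integer');
    }

    // 2. Keywords/identifiers (the ORDER BY direction) cannot be bound as
    //    placeholders, so map the request value onto a fixed allowlist instead.
    $allowedOrder = ['asc' => 'ASC', 'desc' => 'DESC'];
    $sortKey   = strtolower((string) ($get['sort_order'] ?? 'asc'));
    $sortOrder = $allowedOrder[$sortKey] ?? 'ASC';

    $stmt = $db->prepare(
        "SELECT * FROM reports WHERE id = :id ORDER BY created " . $sortOrder
    );
    $stmt->bindValue(':id', $reportId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Stand-alone run against an in-memory SQLite database with constructed rows.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE reports (id INTEGER PRIMARY KEY, title TEXT, created TEXT)");
$db->exec("INSERT INTO reports VALUES (1, 'Q1', '2012-01-01'), (2, 'Q2', '2012-04-01')");

// Constructed request: the sort_order value is not on the allowlist and is
// replaced by the default; report_id is bound as an integer.
print_r(fetchReportSafe($db, ['report_id' => '2', 'sort_order' => 'DESC; junk']));
```

The same integer validation applies to the page, delete_id and add_id parameters named in the advisory; return_to and interface should likewise be checked against the set of values the application actually expects rather than echoed into a query.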