SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Welcome to SecurityTracker!
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Forum/Board/Portal)  >  phpBB Notes Mod Vendors:  oxpus.de
phpBB Notes Mod Input Validation Hole in 'posting_notes.php' Permits SQL Injection
SecurityTracker Alert ID:  1013827
SecurityTracker URL:  http://securitytracker.com/id?1013827
CVE Reference:  CAN-2005-1378   (Links to External Site)
Updated:  May 3 2005
Original Entry Date:  Apr 28 2005
Impact:  Disclosure of authentication information, Disclosure of system information, Disclosure of user information, User access via network
Exploit Included:  Yes  
Advisory:  GulfTech Security Research Team
Description:  An input validation vulnerability was reported in the phpBB Notes Mod. A remote user can inject SQL commands.

The 'posting_notes.php' does not properly validate user-supplied input in the 'post_id' parameter. A remote user can supply a specially crafted parameter value to execute SQL commands on the underlying database.

A demonstration exploit URL is provided:

http://[target]/posting_notes.php?mode=editpost &p=-99%20UNION%20SELECT%200,0, username,0,0,0,0,0,0%20FROM%20orionphpbb_users%20WHERE%20user_id=2/*

The 'editpost' function and other functions are affected.

James Bercegay of the GulfTech Security Research Team reported this vulnerability.
Impact:  A remote user can execute SQL commands on the underlying database.
Solution:  No solution was available at the time of this entry.
Vendor URL:  www.oxpus.de/ (Links to External Site)
Cause:  Input validation error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.

 Source Message Contents
Date:  Thu, 28 Apr 2005 02:55:03 -0400
Subject:  http://www.gulftech.org/?node=research&article_id=00070-04272005

 
 
 
http://www.gulftech.org/?node=research&article_id=00070-04272005


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2005, SecurityGlobal.net LLC