PowerPortal Input Validation Hole in 'index_page' Lets Remote Users Inject SQL Commands.
SecurityTracker Alert ID: 1012227
SecurityTracker URL: http://securitytracker.com/id/1012227
CVE Reference: GENERIC-MAP-NOMATCH
Date: Nov 14 2004
Impact: Disclosure of system information, Disclosure of user information
Exploit Included: Yes
Version(s): 1.3
Description:
ruggine reported an input validation vulnerability in PowerPortal. A remote user can inject SQL commands.
It is reported that the 'index.php' script does not properly validate user-supplied input in the 'index_page' variable. A remote user can submit a specially crafted URL to execute SQL commands on the underlying database.
A demonstration exploit URL is provided:
http://[target]/pp13/index.php?index_page=and 1=1
Impact:
A remote user can execute SQL commands on the underlying database.
Solution:
No solution was available at the time of this entry.
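
With no vendor fix listed, one interim check is to review web server access logs for 'index_page' values that do not look like ordinary page names. The Python below is an added example, not part of this entry or of PowerPortal's code. The allowlist for legitimate values, the Apache-style log format and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: legitimate index_page values are short identifier-like tokens.
# Adjust this allowlist to the values your installation actually uses.
ALLOWED_VALUE = re.compile(r"[A-Za-z0-9_-]{1,64}")

# Request line of an Apache combined-style log entry. The lazy match keeps
# targets that contain raw spaces intact up to the final " HTTP/x.y".
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (.+?) HTTP/\d(?:\.\d)?"')


def suspicious_requests(log_lines, param="index_page", script="index.php"):
    """Return (line_number, client, decoded_value) for each request to
    `script` whose `param` value falls outside the allowlist."""
    findings = []
    for lineno, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        target = urlsplit(match.group(1))
        if not target.path.endswith("/" + script):
            continue
        # parse_qs decodes %xx and '+', so encoded variants compare equal.
        values = parse_qs(target.query, keep_blank_values=True).get(param, [])
        for value in values:
            if not ALLOWED_VALUE.fullmatch(value):
                findings.append((lineno, line.split()[0], value))
    return findings


# Constructed sample log lines (documentation IP ranges, invented page name).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Nov/2004:17:10:02 +0100] '
    '"GET /pp13/index.php?index_page=news HTTP/1.1" 200 5120',
    '198.51.100.7 - - [14/Nov/2004:17:11:40 +0100] '
    '"GET /pp13/index.php?index_page=and%201=1 HTTP/1.1" 200 5311',
    '198.51.100.7 - - [14/Nov/2004:17:11:52 +0100] '
    '"GET /pp13/index.php?index_page=and+1=1 HTTP/1.1" 200 5311',
    '192.0.2.10 - - [14/Nov/2004:17:12:05 +0100] '
    '"GET /pp13/style.css HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for lineno, client, value in suspicious_requests(SAMPLE_LOG):
        print(f"line {lineno}: {client} sent index_page={value!r}")
```

The same allowlist, applied in 'index.php' before the value reaches any query, rejects the input outright instead of only reporting it afterwards.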
Vendor URL: powerportal.sourceforge.net/
Cause: Input validation error
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
Message History: None.
Source Message Contents
Date: Sun, 14 Nov 2004 17:07:24 +0100 (CET)
Subject: PowerPortal sql injection
PowerPortal sql injection
Version 1.3
Found by: ruggine
1. Problem
2. Solution
3. Info
1. A remote user can inject SQL commands.
-----------
The bug is in the index.php file:
A remote user can easily create the sql attack:
http://host.com/pp13/index.php?index_page=and 1=1
-----------
2. :P
3. URL: http://powerportal.sourceforge.net/