Multiple SQL Injection Vulnerabilities in Maian Weblog

Summary

Vulnerability: Multiple SQL Injection Vulnerabilities in Maian Weblog
Discovered: 2006.03.16
Last Update: 2006.04.15 Solution added
ID: EV0101
CVE: CVE-2006-1334
Risk Level: medium
Type: SQL Injection
Status: Patched
Vendor: n/a
Vulnerable Software: Maian Weblog (http://www.maianscriptworld.co.uk/)
Version: 2.0
PoC/Exploit: Available
Solution: Available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

Description

SQL Injection found in Maian Weblog (http://www.maianscriptworld.co.uk/) script.

Vulnerable scripts:
print.php
mail.php

Parameters entry email are not properly sanitized before being used in SQL queries. This can be used to make any SQL query by injecting arbitrary SQL code.

Condition: magic_quotes_gpc = off

PoC/Exploit

SQL Injection Examples:

http://[host]/print.php?cmd=log&entry=999'%20union%20select%201,2,3,4,5,6/*

http://[host]/mail.php?cmd=remove&email=111' or 1/*

Solution.

To fix this problem install or upgrade to 3.0 version.

Multiple SQL Injection Vulnerabilities in Maian Weblog

Summary

Description

PoC/Exploit

Solution.

Company

Services

eVuln Labs

eVuln Tools