SQL Injection Vulnerability in Maian Events

Summary

Vulnerability: SQL Injection Vulnerability in Maian Events
Discovered: 2006.03.16
Last Update: 2006.04.08 Solution added
ID: EV0102
CVE: CVE-2006-1341
Risk Level: medium
Type: SQL Injection
Status: Unpatched. Vendor notyfied.
Vendor: n/a
Vulnerable Software: Maian Events (http://www.maianscriptworld.co.uk/)
Version: 1.0
PoC/Exploit: Available
Solution: Available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

Description

SQL Injection found in Maian Events (http://www.maianscriptworld.co.uk/) script.

Vulnerable script: events.php

Parameters month, year are not properly sanitized before being used in SQL queries. This can be used to make any SQL query by injecting arbitrary SQL code.

Condition: magic_quotes_gpc = off

PoC/Exploit

SQL Injection Example:

http://[host]/menu.php?month=4&year=2006%20or%201/*

Solution.

To fix this problem install or upgrade to version 1.1

http://www.maianscriptworld.co.uk/scripts_events.html (http://www.maianscriptworld.co.uk/scripts_events.html)

SQL Injection Vulnerability in Maian Events

Summary

Description

PoC/Exploit

Solution.

Company

Services

eVuln Labs

eVuln Tools