SQL Injection Vulnerability in vCounter
Summary
- Vulnerability
- SQL Injection Vulnerability in vCounter
- Discovered
- 2006.03.28
- Last Update
- 2006.04.07 Exploitation code published
- ID
- EV0108
- CVE
- CVE-2006-1499
- Risk Level
- low
- Type
- SQL Injection
- Status
- Unpatched. Vendor notyfied.
- Vendor
- n/a
- Vulnerable Software
- vCounter (http://www.sourceworkshop.com/)
- Version
- 1.0
- PoC/Exploit
- Available
- Solution
- Not available
- Discovered by
- Aliaksandr Hartsuyeu (eVuln.com)
Description
SQL Injection found in vCounter (http://www.sourceworkshop.com/) script.
Vulnerable script: vCounter.php
Variable $_SERVER[REQUEST_URI] is not properly sanitized before being used in 'INSERT' SQL query. This can be used to evaluate arbitrary SQL expression.
Condition: magic_quotes_gpc = off
PoC/Exploit
SQL Injection Example:
http://[host]/example_page.php?zzz'+benchmark(999999,md5(123))+'zzz
Solution.
Solution for "SQL Injection Vulnerability in vCounter" is not available. Check vendor's website for updates.