Multiple SQL Injections in phpNewsManager
Summary
- Vulnerability: Multiple SQL Injections in phpNewsManager
- Discovered: 2006.03.29
- Last Update: 2006.04.08 Exploitation code published
- ID: EV0110
- CVE: CVE-2006-1560
- Risk Level: medium
- Type: SQL Injection
- Status: Unpatched. No reply from developer(s)
- Vendor: SkinTech Group (http://www.skintech.org/)
- Vulnerable Software: phpNewsManager
- Version: 1.48
- PoC/Exploit: Available
- Solution: Not available
- Discovered by: Aliaksandr Hartsuyeu (eVuln.com)
Description
SQL injection was found in the phpNewsManager script.
User-defined variables are not properly sanitized before being used in SQL queries. This can be used to bypass authentication or to run any SQL query by injecting arbitrary SQL code.
Vulnerable scripts:
browse.php
category.php
gallery.php
poll.php
...
PoC/Exploit
SQL Injection Example.
username: ' or 1/*
password: any
Solution
A solution for "Multiple SQL Injections in phpNewsManager" is not available. Check the SkinTech Group website for updates.
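For sites that have to harden their own copy in the absence of a vendor fix, the following added example (not phpNewsManager code and not from the advisory's author) contrasts the concatenated-query pattern described above with a prepared statement, using the login input shown under PoC/Exploit. The table, column and function names are hypothetical, and an in-memory SQLite database through PDO stands in for the application's database.

```php
<?php
// Added illustration; not phpNewsManager code. The schema and all function
// names are hypothetical. In-memory SQLite is an assumption so this runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, pass_hash TEXT)');
$ins = $pdo->prepare('INSERT INTO users (username, pass_hash) VALUES (?, ?)');
// Constructed sample account.
$ins->execute(['admin', password_hash('constructed-sample-pw', PASSWORD_DEFAULT)]);

// Weak pattern: request values are pasted into the SQL text, so a quote in
// $user ends the string literal and the rest is parsed as SQL.
function login_concat(PDO $pdo, string $user, string $pass): bool {
    $sql = "SELECT id FROM users WHERE username='$user' AND pass_hash='$pass'";
    return $pdo->query($sql)->fetch() !== false;
}

// Corrected pattern: the placeholder binds $user as data only, and the
// password is checked in PHP against a stored hash, never inside the query.
function login_prepared(PDO $pdo, string $user, string $pass): bool {
    $stmt = $pdo->prepare('SELECT pass_hash FROM users WHERE username = ?');
    $stmt->execute([$user]);
    $hash = $stmt->fetchColumn();
    return $hash !== false && password_verify($pass, $hash);
}

// Numeric request values (for example a record id) should be validated as
// integers before use; anything else is rejected rather than cleaned up.
function positive_int_param(string $raw): ?int {
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// The login input from the PoC section above.
$user = "' or 1/*";
$pass = 'any';

var_dump(login_concat($pdo, $user, $pass));    // concatenated query
var_dump(login_prepared($pdo, $user, $pass));  // same input, bound as data
var_dump(login_prepared($pdo, 'admin', 'constructed-sample-pw'));
var_dump(positive_int_param('3 OR 1=1'));      // non-integer value
```

Run it with the PHP command-line interpreter with the pdo_sqlite extension enabled; the same prepare/execute calls apply unchanged to a PDO MySQL connection.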