SQL Injection Vulnerability in qliteNews

Summary

Vulnerability
SQL Injection Vulnerability in qliteNews
Discovered
2006.03.30
Last Update
2006.04.09 Exploitation code published
ID
EV0114
CVE
CVE-2006-1571
Risk Level
medium
Type
SQL Injection
Status
Unpatched. No reply from developer(s)
Vendor
r2xDesign.net (http://www.r2xdesign.net/)
Vulnerable Software
qliteNews
Version
2005.07.01
PoC/Exploit
Available
Solution
Not available
Discovered by
Aliaksandr Hartsuyeu (eVuln.com)

Description

SQL Injection found in qliteNews script.

Vulnerable script: loginprocess.php

Variables $username, $password are not properly sanitized before being used in SQL query. This can be used to bypass authentication or make any SQL query by injecting arbitrary SQL code.

Condition: magic_quotes_gpc = off

PoC/Exploit

Authorization Bypass Example:

URL: http://[host]/admin/index.php
Username: ' or 1/*
Password: any

Solution.

Solution for "SQL Injection Vulnerability in qliteNews" is not available. Check r2xDesign.net website for updates.