SQL Injection Vulnerability in Newsadmin
Summary
- Vulnerability
- SQL Injection Vulnerability in Newsadmin
- Discovered
- 2006.05.04
- Last Update
- 2006.05.14 Exploitation code published
- ID
- EV0133
- CVE
- CVE-2006-2239
- Risk Level
- medium
- Type
- SQL Injection
- Status
- Unpatched. No reply from developer(s)
- Vendor
- n/a
- Vulnerable Software
- Newsadmin (http://tuma.stc.cx/newsadmin.php)
- Version
- 1.1
- PoC/Exploit
- Available
- Solution
- Not available
- Discovered by
- Aliaksandr Hartsuyeu (eVuln.com)
Description
SQL Injection found in Newsadmin (http://tuma.stc.cx/newsadmin.php) script.
1. SQL Injection.
Vulnerable script: readarticle.php
Parameter nid is not properly sanitized before being used in SQL query. This can be used to make any SQL query by injecting arbitrary SQL code.
PoC/Exploit
1. SQL Injection Example.
URL: http://website/newsadmin/readarticle.php?nid=999%20union%20select%201,2,3,4,5
Solution.
Solution for "SQL Injection Vulnerability in Newsadmin" is not available. Check vendor's website for updates.