wsnuser Cookie SQL Injection vulnerability in WSN Guest

Summary

Vulnerability: wsnuser Cookie SQL Injection vulnerability in WSN Guest
Discovered: 2011.02.01
Last Update: n/a
ID: EV0174
CVE: CVE-2011-1060
Risk Level: medium
Type: SQL Injection
Status: Unpatched. Vendor notified. No reply from developer(s).
Vendor: n/a
Vulnerable Software: WSN Guest (http://www.webmastersite.net/?section=wsnguest)
Version: 1.24
PoC/Exploit: Available
Solution: Not available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

Description

An SQL injection vulnerability was found in the WSN Guest (http://www.webmastersite.net/?section=wsnguest) script.

SQL Injection in "wsnuser" Cookie
It is possible to inject an arbitrary SQL query through the wsnuser cookie parameter in the index.php script.

The wsnuser parameter is used in an SQL query without proper sanitization.
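
The class of fix for the flaw described above, as an added example (not WSN Guest code and not part of the advisory): the cookie value is validated and then bound as a parameter instead of being concatenated into the statement. The members table, its columns, the cookie format and the function names are assumptions; the advisory does not show the real query.

```php
<?php
declare(strict_types=1);
// Added example, not WSN Guest code. The members table, its columns and the
// cookie format (a short member name) are assumptions made for illustration.

/** The pattern the advisory describes: cookie text pasted into the statement.
 *  The string is built for display only and is never executed here. */
function concatenated_sql(string $cookieValue): string
{
    return "SELECT id, name FROM members WHERE name = '" . $cookieValue . "'";
}

/** Hardened lookup: returns the member row, or null if the value is invalid or unknown. */
function find_member(PDO $db, ?string $cookieValue): ?array
{
    // Reject anything outside the expected shape before touching the database.
    if ($cookieValue === null || !preg_match('/\A[A-Za-z0-9_.-]{1,64}\z/', $cookieValue)) {
        return null;
    }
    // The value is bound as data, so it cannot change the statement's structure.
    $stmt = $db->prepare('SELECT id, name FROM members WHERE name = :name');
    $stmt->execute([':name' => $cookieValue]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed in-memory database so the example runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE members (id INTEGER PRIMARY KEY, name TEXT UNIQUE)');
$db->exec("INSERT INTO members (name) VALUES ('alice'), ('bob')");

// Constructed cookie values: well-formed, containing a stray quote, and absent.
foreach (['alice', "al'ice", null] as $value) {
    if ($value !== null) {
        // With a stray quote the concatenated text no longer has balanced quoting.
        echo 'concatenated: ', concatenated_sql($value), "\n";
    }
    $member = find_member($db, $value);
    echo 'hardened:     ', json_encode($value), ' => ',
        $member === null ? 'rejected or unknown' : "member #{$member['id']}", "\n";
}
```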

PoC/Exploit

Cookie SQL Injection Example

Cookie SQL Injection PoC. HTTP request:
GET /wsnguest/index.php?debug=1 HTTP/1.0
Host: website
Cookie: wsnuser=[SQL Injection]

Solution

A solution for "wsnuser Cookie SQL Injection vulnerability in WSN Guest" is not available. Check the vendor's website for updates.
