SQL Injection Vulnerability in microBlog
Summary
- Vulnerability
- SQL Injection Vulnerability in microBlog
- Discovered
- 2006.01.16
- Last Update
- 2006.02.22 Solution added
- ID
- EV0035
- CVE
- CVE-2006-0234
- Risk Level
- medium
- Type
- SQL Injection
- Status
- Patched
- Vendor
- n/a
- Vulnerable Software
- microBlog (http://www.stamcar.com/projekti/microblog/)
- Version
- 2.0 RC-10
- PoC/Exploit
- Available
- Solution
- Available
- Discovered by
- Aliaksandr Hartsuyeu (eVuln.com)
Description
SQL Injection found in microBlog (http://www.stamcar.com/projekti/microblog/) script.
Vulnerable script: index.php
Variables $month $year isn't properly sanitized before being used in a SQL query. This can be used to make any SQL query by injecting arbitrary SQL code.
Administrator's login and password is threatened.
PoC/Exploit
SQL Injection Example:
http://host/microblog/index.php?month=1&year=9999%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14/*
Solution.
Install or upgrade to new 2.1 version to fix this vulnerability