SQL Injection Vulnerability in BirthSys

Summary

Vulnerability: SQL Injection Vulnerability in BirthSys
Discovered: 2006.02.10
Last Update: 2006.02.20 Exploitation code published
ID: EV0074
CVE: CVE-2006-0775
Risk Level: medium
Type: SQL Injection
Status: Unpatched. No reply from developer(s)
Vendor: n/a
Vulnerable Software: BirthSys (http://clvfoto.free.fr/site/download.php3)
Version: 3.1
PoC/Exploit: Available
Solution: Not available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

Description

SQL Injection found in BirthSys (http://clvfoto.free.fr/site/download.php3) script.

Vulnerable script: show.php

Variables $month $date are not properly sanitized. This can be used to make any SQL query by injecting arbitrary SQL code.

PoC/Exploit

SQL Injection Example.

http://host/show.php3?month=99%20union%20select%201,2,3,4,5/*

Solution.

Solution for "SQL Injection Vulnerability in BirthSys" is not available. Check vendor's website for updates.

SQL Injection Vulnerability in BirthSys

Summary

Description

PoC/Exploit

Solution.

Company

Services

eVuln Labs

eVuln Tools