SQL Injection Vulnerability in Teca Diary PE

Summary

Vulnerability
SQL Injection Vulnerability in Teca Diary PE
Discovered
2006.02.11
Last Update
2006.02.21 Exploitation code published
ID
EV0075
CVE
CVE-2006-0729
Risk Level
medium
Type
SQL Injection
Status
Unpatched. No reply from developer(s)
Vendor
n/a
Vulnerable Software
Teca Diary PE (http://www.teca-scripts.com)
Version
1.0
PoC/Exploit
Available
Solution
Not available
Discovered by
Aliaksandr Hartsuyeu (eVuln.com)

Description

SQL Injection found in Teca Diary PE (http://www.teca-scripts.com) script.

Vulnerable script: functions.php

Variables $yy $mm $dd are not properly sanitized. This can be used to make any SQL query by injecting arbitrary SQL code.

PoC/Exploit

SQL Injection Example:

http://host/tecadiary/index.php?yy=2006&mm=02&dd=111'%20union%20select%20111,222,333/*

Solution.

Solution for "SQL Injection Vulnerability in Teca Diary PE" is not available. Check vendor's website for updates.