Bugtraq mailing list archives

Fuse Talk vulnerability
From: "Anthony Cole" <acole76 () bellsouth net>
Date: Wed, 31 Oct 2001 19:26:55 -0600

e-zonemedia's Fuse Talk is vulnerable to malicious SQL.  Improper form
sanitization makes it possible for any user to manipulate data as (s)he
feels fit.  On the sign up form (join.cfm) it is possible to pass a well
crafted form variable to the action template (it's the same template
subsequently join.cfm) that will execute malicious SQL.  This is made
possible by not filtering the (;) semi-colon. Examine the following code:

1;delete from users

or

1;exec sp_addlogin "OsamaBinLadenSucks"

I don't need to tell you the impact of this code.  Time and time again I see
you guys emphasize the need for proper form validation, but some people
don't listen. I would have notified the company (www.e-mediazone.com), but
I think this news would be better delivered by an organization known as a
leader in security.  I trust if you choose to publish this vulnerability,
you would do so only after the problem has been rectified.

Thanks

Cole.

p.s.  I've attached the faulty template for your inspection. (look near line
241)

Attachment: join.txt
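
An added example, not part of the original post and not Fuse Talk's code: it shows the flaw class described above (a form value concatenated into SQL, so a semicolon starts a second statement) next to a lookup that validates the numeric field and binds it as a parameter. The table, column and function names are hypothetical, and an in-memory SQLite database with executescript() stands in for a backend that accepts several statements in one request.

```python
import sqlite3

PAYLOAD = "1;delete from users"  # first string quoted in the post

def new_db():
    # Constructed sample data; schema is hypothetical, not Fuse Talk's.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO users (name) VALUES (?)", [("alice",), ("bob",)])
    db.commit()
    return db

def user_count(db):
    return db.execute("SELECT COUNT(*) FROM users").fetchone()[0]

def lookup_vulnerable(db, user_id):
    # Form value concatenated into the SQL text. executescript() runs every
    # ';'-separated statement, standing in for a backend that accepts batches.
    db.executescript("SELECT name FROM users WHERE id = " + user_id)

def lookup_bound(db, user_id):
    # The value travels as a bound parameter and is never parsed as SQL.
    row = db.execute("SELECT name FROM users WHERE id = ?", (user_id,)).fetchone()
    return row[0] if row else None

def lookup_hardened(db, user_id):
    # Validate the numeric field first (ASCII digits only, bounded length),
    # then bind it; either layer alone stops the string above.
    if not (user_id.isascii() and user_id.isdigit() and len(user_id) <= 9):
        raise ValueError("id must be a non-negative integer")
    return lookup_bound(db, int(user_id))

def run_demo():
    results = {}
    db = new_db()
    lookup_vulnerable(db, PAYLOAD)
    results["vulnerable"] = user_count(db)      # rows left after the batch ran
    db = new_db()
    results["bound_row"] = lookup_bound(db, PAYLOAD)
    results["bound"] = user_count(db)           # table untouched
    try:
        lookup_hardened(db, PAYLOAD)
        results["rejected"] = False
    except ValueError:
        results["rejected"] = True
    results["valid"] = lookup_hardened(db, "1")
    return results

if __name__ == "__main__":
    print(run_demo())
```

In ColdFusion templates the binding step corresponds to using the cfqueryparam tag inside cfquery instead of interpolating the form variable.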