Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos network security services platform







Bugtraq: SQL-injections in koobi-cms

SQL-injections in koobi-cms

From: CENSORED <censored_at_mail.ru>
Date: 27 Apr 2005 20:25:18 -0000
('binary' encoding is not supported, stored as-is)  SQL-injections in koobi-cms 4.2.3
_____________________________________________________________
The program: koobi-cms
Homepage: http://www.dream4.de/
Vulnerable Versions: 4.2.3
Has found: CENSORED [SVT] 28.04.05
_____________________________________________________________

The description
---------------

Vulnerability has been found in parameter page. In koobi-cms it
Refers to - p. Data transferred to this parameter not
Are filtered. Owing to it it is possible to make SQL-injections.
As at substitution of a symbol ', probably to define
House dir a server.

Still the mistake exists in parameter q. It is used for
Search on a site.

Examples
--------

http://127.0.0.1/index.php?p='[SQL code]
http://127.0.0.1/index.php?area=1&p='[SQL code]
http://127.0.0.1/index.php?q='[SQL code]

The conclusion
--------------

Vulnerability is found out in version 4.2.3, on other versions
Research did not spend. Probably they too are vulnerable.
-------------------------------------------------------------

CENSORED Search Vulnerabilities Team
www.security-tmp.net.ru
Received on Apr 27 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]