PowerPortal Input Validation Hole in 'index_page' Lets Remote Users Inject SQL Commands.
|
|
SecurityTracker Alert ID: 1012227
|
|
SecurityTracker URL: http://securitytracker.com/id?1012227
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Nov 14 2004
|
Impact: Disclosure of system information, Disclosure of user information
|
Exploit Included: Yes
|
Version(s): 1.3
|
Description: ruggine reported an input validation vulnerability in PowerPortal. A remote user can inject SQL commands.
It is reported that the 'index.php' script does not properly validate user-supplied input in the 'index_page' variable. A remote
user can submit a specially crafted URL to execute SQL commands on the underlying database.
A demonstration exploit URL is provided:
http://[target]/pp13/index.php?
index_page=and 1=1
|
Impact: A remote user can execute SQL commands on the underlying database.
|
Solution: No solution was available at the time of this entry.
|
Vendor URL: powerportal.sourceforge.net/ (Links to External Site)
|
Cause: Input validation error
|
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
|
Reported By: ruggine@autistici.org
|
Message History:
None.
|
Source Message Contents
|
Date: Sun, 14 Nov 2004 17:07:24 +0100 (CET)
From: ruggine@autistici.org
Subject: PowerPortal sql injection
|
PowerPortal sql injection
Version 1.3
Found by: ruggine
1. Problem
2. Solution
3. Info
1. A remote user can inject SQL commands.
-----------
The bug is in the index.php file:
A remote user can easily create the sql attack:
http://host.com/pp13/index.php?index_page=and 1=1
-----------
2. :P
3. URL: http://powerportal.sourceforge.net/
|
|
