IsolSoft Support Center Input Validation Holes in 'search.php' Permit SQL Injection Attacks
|
|
SecurityTracker Alert ID: 1015270
|
|
SecurityTracker URL: http://securitytracker.com/id?1015270
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Nov 24 2005
|
Impact: Disclosure of system information, Disclosure of user information, User access via network
|
Exploit Included: Yes
|
Version(s): 2.2 and prior versions
|
Description: A vulnerability was reported in IsolSoft Support Center. A remote user can inject SQL commands.
The 'search.php' script does not properly validate user-supplied input in several parameters. A remote user can supply specially
crafted parameter values to execute SQL commands on the underlying database.
Some demonstration exploit URLs are provided:
/search.php?field=Subject&searchvalue=&Ca
tegory=any&Status=any&Priority=any&lorder=[SQL]
/search.php?field=Subject&searchvalue=&Category=any&Status=any&Priority=[SQL]
/search.php?field=Subject&searchvalue=&Cat
egory=any&Status=[SQL]
/search.php?field=Subject&searchvalue=&Category=[SQL]
/search.php?field=Subject&searchvalue=[SQL]
/search.php?field=[SQL]
r0t
reported this vulnerability.
The original advisory is available at:
http://pridels.blogspot.com/2005/11/isolsoft-support-center-sql-inj.html
|
Impact: A remote user can execute SQL commands on the underlying database.
|
Solution: No solution was available at the time of this entry.
|
Vendor URL: www.isolsoft.com/ (Links to External Site)
|
Cause: Input validation error
|
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Thu, 24 Nov 2005 17:06:41 -0500
Subject: IsolSoft Support Center SQL inj.
|
http://pridels.blogspot.com/2005/11/isolsoft-support-center-sql-inj.html
|
|
