photo-gallery.php Missing Input Validation Lets Remote Users Inject SQL Commands
SecurityTracker Alert ID: 1016505
SecurityTracker URL: http://securitytracker.com/id?1016505
CVE Reference: CVE-2006-3688
Updated: Jun 14 2008
Original Entry Date: Jul 17 2006
Impact: Disclosure of system information, Disclosure of user information, User access via network
Exploit Included: Yes
Version(s): file dated December 4, 2003
Description: A vulnerability was reported in photo-gallery.php. A remote user can inject SQL commands.
The 'room.php' script does not properly validate user-supplied input in the 'id' parameter. A remote user can supply a specially crafted parameter value to execute SQL commands on the underlying database.
A demonstration exploit URL is provided:
Room.php?id=[SQL Injection]
CrAzY CrAcKeR, Breeeeh, BoNy-m, and LiNuX_rOOt discovered this vulnerability.
[Editor's note: The product does not contain a version number, but the affected file 'room.php' is dated December 4, 2003.]
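The defect the description names, an 'id' query parameter that reaches the database query without validation, and the fix a maintainer would apply, shown here as an added example. This is not the product's own room.php and not code from the reporters; the table and column names (rooms, id, name, path) and the use of PDO with an in-memory SQLite database are assumptions made so the pattern can be run stand-alone.

```php
<?php
// Added example: the vulnerable pattern beside a hardened version.
// Hypothetical reconstruction of the pattern, not the product's code;
// table/column names (rooms, id, name, path) are assumed.

// --- Vulnerable pattern: the 'id' parameter is concatenated into SQL ---
function room_query_unsafe(string $id): string {
    // Whatever arrives in $_GET['id'] becomes part of the SQL text, so the
    // value can change the meaning of the statement instead of just the key.
    return "SELECT id, name, path FROM rooms WHERE id = " . $id;
}

// --- Hardened pattern: validate the type, then bind the value ---
function room_query_safe(PDO $db, string $id): ?array {
    // 'id' is a numeric key: accept only a positive integer, reject everything else.
    $validated = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($validated === false) {
        http_response_code(400);
        return null;
    }
    // A prepared statement keeps the data separate from the SQL text, so the
    // validated integer is bound as a value, never parsed as SQL.
    $stmt = $db->prepare('SELECT id, name, path FROM rooms WHERE id = :id');
    $stmt->bindValue(':id', $validated, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Demonstration on an in-memory SQLite database with constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE rooms (id INTEGER PRIMARY KEY, name TEXT, path TEXT)');
$db->exec("INSERT INTO rooms VALUES (1, 'Holiday', '/img/holiday')");
$db->exec("INSERT INTO rooms VALUES (2, 'Family', '/img/family')");

$benign  = '1';
$hostile = '1 OR 1=1';   // constructed: an 'id' value that is not a single integer

// The unsafe function hands back SQL whose WHERE clause no longer restricts the row.
echo room_query_unsafe($hostile), PHP_EOL;

// The safe function returns the single matching row for a valid key ...
var_dump(room_query_safe($db, $benign));
// ... and refuses the malformed value before any SQL is executed.
var_dump(room_query_safe($db, $hostile));
```

Two layers are doing the work here: the type check rejects anything that is not shaped like a key, which is the "input validation" the advisory says is missing, and the bound parameter guarantees that even a value which passes validation is treated as data. Either one alone would stop this particular case; keeping both means a later change to the validation rule does not silently reopen the query.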
Impact: A remote user can execute SQL commands on the underlying database.
Solution: No solution was available at the time of this entry.
Vendor URL: scripts.franciscocharrua.com/photo-gallery.php
Cause: Input validation error
Underlying OS: Linux (Any), UNIX (Any), Windows (Any)
Reported By: Breeeeh@hotmail.com
Message History:
None.
Source Message Contents

Date: Tue, 11 Jul 2006 09:50:20 +0000
From: Breeeeh@hotmail.com
Subject: MyGallery

===========================================
Discovered By: C.B.B.L
CrAzY CrAcKeR, Breeeeh, BoNy-m, LiNuX_rOOt
===========================================
Example:-
/MyGallery/Room.php?id=[SQL Injection]
===========================================