SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Forum/Board/Portal)  >   Land Down Under Vendors:   ldu.neocrome.net
Land Down Under Input Validation Hole in 'c' Parameter Permits SQL Injection Attacks
SecurityTracker Alert ID:  1014811
SecurityTracker URL:  http://securitytracker.com/id/1014811
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Aug 29 2005
Impact:   Disclosure of system information, Disclosure of user information, User access via network
Exploit Included:  Yes  
Version(s): 801 and prior versions
Description:   A vulnerability was reported in Land Down Under. A remote user can inject SQL commands.

The software does not properly validate user-supplied input. A remote user can supply specially crafted parameter values to execute SQL commands on the underlying database.

Some demonstration exploit URLs are provided:

http://[target]/ldu/events.php?c='

http://[target]/ldu/events.php?f=incoming&c='

http://[target]/ldu/events.php?c=%27

http://[target]/ldu/events.php?f=incoming&c=%27

http://[target]/ldu/index.php?c='

http://[target]/ldu/index.php?c=%27

http://[target]/ldu/list.php?c='&s=title&w=asc&o=1&p=1

http://[target]/ldu/list.php?c=%27&s=title&w=asc&o=1&p=1

matrix_killer of h4cky0u Security Forums discovered this vulnerability.
Impact:   A remote user can execute SQL commands on the underlying database.
Solution:   No solution was available at the time of this entry.
Vendor URL:  ldu.neocrome.net/ (Links to External Site)
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.

 Source Message Contents
Subject:  [Full-disclosure] Land Down Under 801 And Prior Multiple SQL

TITLE:
======

Land Down Under 801 And Prior Multiple SQL Injection Vulnerabilities


SEVERITY:
=========

Medium


SOFTWARE:
==========

Land Down Under version 801 and prior

Support Website : http://www.neocrome.net


INFO:
=====

Land Down Under is a multiple portal system which includes many
different options like forum, statistic, site map, article menu and
many more. The portal is powered by PHP and MySQL.


BUG DESCRIPTION:
===============

The portal system is vulnerable to various sql injection attacks, here
are some examples:

http://localhost/ldu/events.php?c='

http://localhost/ldu/events.php?f=incoming&c='

http://localhost/ldu/events.php?c=%27

http://localhost/ldu/events.php?f=incoming&c=%27

http://localhost/ldu/index.php?c='

http://localhost/ldu/index.php?c=%27

http://localhost/ldu/list.php?c='&s=title&w=asc&o=1&p=1

http://localhost/ldu/list.php?c=%27&s=title&w=asc&o=1&p=1


VENDOR STATUS:
==============

The vendor was contacted using the contacts link on the main page.
No response recieved till date.


CREDITS:
========

This vulnerability was discovered and researched by -

matrix_killer of h4cky0u Security Forums.


mail : matrix_k at abv.bg

web : http://www.h4cky0u.org

Greets to all omega-team members


ORIGINAL:
=========

http://h4cky0u.org/viewtopic.php?t=2371

-- 
http://www.h4cky0u.org
(In)Security at its best...
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC