Greenguy's Board

Greenguy's Board (http://www.greenguysboard.com/board/index.php)
-   General Business Knowledge (http://www.greenguysboard.com/board/forumdisplay.php?f=10)
-   -   AutorankPHP Remote Exploit via SQL Injection (http://www.greenguysboard.com/board/showthread.php?t=14152)

cd34 2004-12-10 04:25 PM
AutorankPHP Remote Exploit via SQL Injection
 
Software: AutorankPHP

Title: [FW-004] accounts.php remote login exploit via SQL Injection

Summary: Ability to remotely log in and change account information with minimal information about accounts

Description: Using a specially crafted username, one can log into a trade's account in AutorankPHP and change data including username, password, email account

Impact: Traffic can be redirected to other urls, account information changed

Workaround: Modify accounts.php and add

$_POST['Username'] = mysql_real_escape_string($_POST['Username']);
$_POST['Password'] = mysql_real_escape_string($_POST['Password']);

after the
References:
http://firewall.com/advisories/autorankphp.html

Risk Factor: Medium

cd34 2004-12-10 08:56 PM
http://secunia.com/advisories/10467/

Supposedly already found and fixed -- I guess that doesn't explain the extraordinarily high number of sites in google that are not patched (or a client that bought the software in March 2004 that was vulnerable)


All times are GMT -4. The time now is 06:58 AM.

Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
© Greenguy Marketing Inc