
AdMentor Remote SQL Injection Vulnerability

AdMentor is a free collection of ASP scripts created by Stefan Holmberg. AdMentor provides banner ad rotation functionality.

A SQL injection vulnerability has been reported in some versions of AdMentor. During the login process, user-supplied input is used to construct a SQL query. If special characters such as ' are included in the 'userid' and 'pwd' parameters passed to the script, the query may be subverted.

It has been demonstrated that this can be used to authenticate as any account within the AdMentor system. It may be possible to further corrupt the query, although this has not been verified.

Other versions of AdMentor may share this vulnerability. This has not been verified.
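
The following added example is not AdMentor's code and is not from the advisory. It reproduces the described pattern (login input concatenated into the SQL text) next to a parameterized form, with a regression check that a quote character is compared as data. It uses Python with sqlite3 rather than ASP; the `users` table, its columns and the sample accounts are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names are hypothetical.
    # Passwords are plaintext only to keep the sample short.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (userid TEXT PRIMARY KEY, pwd TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "s3cret"), ("o'neil", "hunter2")])
    return db

def login_concat(db, userid, pwd):
    # Pattern the advisory describes: input pasted into the SQL text,
    # so a ' in either field changes the structure of the query.
    sql = ("SELECT 1 FROM users WHERE userid = '" + userid +
           "' AND pwd = '" + pwd + "'")
    return db.execute(sql).fetchone() is not None

def login_param(db, userid, pwd):
    # Hardened form: placeholders keep the values out of the SQL grammar.
    sql = "SELECT 1 FROM users WHERE userid = ? AND pwd = ?"
    return db.execute(sql, (userid, pwd)).fetchone() is not None

def quote_is_data(login_fn):
    """Regression check: a quote in either field must be compared as data."""
    db = make_db()
    try:
        return (login_fn(db, "alice", "s3cret")
                and login_fn(db, "o'neil", "hunter2")
                and not login_fn(db, "o'neil", "wrong")
                and not login_fn(db, "alice", "it's"))
    except sqlite3.Error:
        # The input reached the SQL parser instead of being treated as a value.
        return False
    finally:
        db.close()

if __name__ == "__main__":
    print("concatenated handles quotes as data:", quote_is_data(login_concat))
    print("parameterized handles quotes as data:", quote_is_data(login_param))
```

A check like `quote_is_data` can sit in a test suite so that a later change back to string concatenation fails the build.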







 

Copyright 2008, SecurityFocus