BugTraq
Back to list
|
Post reply
Woltlab Burning Book addentry.php SQL Injection
Jan 10 2005 07:10PM
Martin Heistermann (martin heistermann web de)
Advisory Information
--------------------
Advisory name : Woltlab Burning Book addentry.php SQL Injection
Discovered by : drhankey / it-security23.net
Vendor Name : Woltlab
Vendor Homepage : http://www.woltlab.de
Software : Woltlab Burning Book Lite
Vulnerability Type : Cross-Site-Scripting
Vulnerable Versions : 1.0 Gold, 1.1.1e, maybe more
Platforms : OS Independent, PHP
What is Woltlab Burning Book ?
----------------------------------
Woltlab Burning Board Lite is a free guestbook system.
Vulnerability Description:
-------------------------
When you post a message, addentry.php executes a SQL Query writing it in the db. The
user-agent is also saved, but not filtered. So its possible to modify the SQL Query when you
change your user-agent.
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Advisory Information
--------------------
Advisory name : Woltlab Burning Book addentry.php SQL Injection
Discovered by : drhankey / it-security23.net
Vendor Name : Woltlab
Vendor Homepage : http://www.woltlab.de
Software : Woltlab Burning Book Lite
Vulnerability Type : Cross-Site-Scripting
Vulnerable Versions : 1.0 Gold, 1.1.1e, maybe more
Platforms : OS Independent, PHP
What is Woltlab Burning Book ?
----------------------------------
Woltlab Burning Board Lite is a free guestbook system.
Vulnerability Description:
-------------------------
When you post a message, addentry.php executes a SQL Query writing it in the db. The
user-agent is also saved, but not filtered. So its possible to modify the SQL Query when you
change your user-agent.
[ reply ]