In the latest version of PHP-Fusion, the content management system by Digitanium (php-fusion.co.uk), there is an SQL error in messages.php that reveals path names and a table name, and someone could possibly manipulate the SQL database.
The error is as follows; it is with the Search and Sort option:
/messages.php?folder=inbox&srch_text=a&srch_type=blehblahbleh&sort_type=blahblehblah&srch_submit=Search%20/%20Sort
The query above will give the following error (or something to the effect):
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIKE 'a'' at line 1
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in c:\WWW\removed\data\maincore.php on line 111
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIKE 'a'' at line 1
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIKE 'a' ORDER BY message_read, LIMIT 0,20' at line 1
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in c:\WWW\removed\data\maincore.php on line 116
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'LIKE 'a' ORDER BY message_read, LIMIT 0,20' at line 1
The error could be used to obtain classified information about the database and the system, and is definitely manipulable.
-Nolan West (CNS Chemist)
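An added illustration, not PHP-Fusion's code and not part of the post above: a Python/sqlite3 model of the pattern the error output suggests, where an unrecognised srch_type or sort_type falls through to an empty fragment (giving "WHERE  LIKE 'a'" and "ORDER BY message_read,  LIMIT 0,20") and srch_text is spliced into the query text, placed beside an allowlisted, parameterised version. The table layout, column names, sample rows and the allowlist keys are constructed for the example; only message_read and the LIMIT 0,20 clause appear in the original error messages, and the exact mechanism inside messages.php is assumed, not taken from the PHP-Fusion source.

```python
import sqlite3

# Constructed stand-in for the messages table; only message_read and the
# "LIMIT 0,20" clause are visible in the original error output, the rest is assumed.
SAMPLE_ROWS = [
    (1, "Hello world", "first message", 0, 100),
    (2, "Re: hello", "reply about 100% uptime", 1, 200),
    (3, "Unrelated", "nothing here", 0, 300),
    (4, "Stats", "you have 100 messages", 0, 400),
]

# Allowlists (assumed keys): the request parameter selects a key, it is never an SQL fragment.
SEARCH_COLUMNS = {"subject": "message_subject", "message": "message_message"}
SORT_COLUMNS = {"subject": "message_subject", "date": "message_datestamp"}


def make_db():
    """In-memory database loaded with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE messages (message_id INTEGER PRIMARY KEY, message_subject TEXT, "
        "message_message TEXT, message_read INTEGER, message_datestamp INTEGER)"
    )
    conn.executemany("INSERT INTO messages VALUES (?, ?, ?, ?, ?)", SAMPLE_ROWS)
    return conn


def vulnerable_search(conn, srch_text, srch_type, sort_type):
    """Assumed shape of the broken query: unknown options become an empty
    fragment and srch_text is spliced straight into the SQL text."""
    column = SEARCH_COLUMNS.get(srch_type, "")
    order = SORT_COLUMNS.get(sort_type, "")
    sql = (f"SELECT message_id FROM messages WHERE {column} LIKE '{srch_text}' "
           f"ORDER BY message_read, {order} LIMIT 0,20")
    return [row[0] for row in conn.execute(sql)]


def probe_vulnerable(conn, srch_text, srch_type, sort_type):
    """What a client sees from the vulnerable query: the rows, or the raw DB error."""
    try:
        return ("rows", vulnerable_search(conn, srch_text, srch_type, sort_type))
    except sqlite3.OperationalError as exc:
        return ("error", str(exc))


def safe_search(conn, srch_text, srch_type, sort_type, limit=20):
    """Hardened form: identifiers come from the allowlist or the request is
    refused; the search text is bound as a parameter with LIKE wildcards escaped."""
    try:
        column = SEARCH_COLUMNS[srch_type]
        order = SORT_COLUMNS[sort_type]
    except KeyError as exc:
        raise ValueError(f"unknown search/sort option: {exc.args[0]}") from None
    escaped = (srch_text.replace("\\", "\\\\")
               .replace("%", "\\%").replace("_", "\\_"))
    # Backslash is not special inside an SQLite string literal, so the
    # ESCAPE clause below carries a single backslash character.
    sql = (f"SELECT message_id FROM messages WHERE {column} LIKE ? ESCAPE '\\' "
           f"ORDER BY message_read, {order} LIMIT ?")
    return [row[0] for row in conn.execute(sql, (f"%{escaped}%", limit))]


if __name__ == "__main__":
    db = make_db()
    print(probe_vulnerable(db, "a", "blehblahbleh", "blahblehblah"))
    print(probe_vulnerable(db, "a' OR '1'='1", "subject", "date"))
    print(safe_search(db, "100%", "message", "date"))
```

The first call reproduces the failure mode in the post (a raw syntax error surfacing to the client), the second shows why an interpolated srch_text is more than an information leak, and safe_search refuses unknown option names outright instead of emitting a half-formed query. Whatever the real code in messages.php does, the fix has the same two parts: map option names through an allowlist, and bind the search text rather than quoting it into the statement.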