vbPortal 2.0 alpha 8.1 – Authenticated SQL Injection

vbPortal 2.0 alpha 8.1 – Authenticated SQL Injection

漏洞ID 1054162 漏洞类型
发布时间 2003-09-12 更新时间 2003-09-12
图片[1]-vbPortal 2.0 alpha 8.1 – Authenticated SQL Injection-安全小百科CVE编号 N/A
图片[2]-vbPortal 2.0 alpha 8.1 – Authenticated SQL Injection-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/23140
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/8613/info

It has been reported that vbPortal is prone to SQL injection attacks when authentication users. The problem occurs due to insufficient sanitization of the $aid variable, used to store the name of the authenticating user. As a result, an attacker may supply data within the username designed to prematurely terminate the string, and influence the logic of the current SQL query. This may be exploited to expose sensitive information, or potentially to launch attacks against the underlying database. 

http://www.example.org/auth.inc.php?admin=JyBPUiAxPTEgSU5UTyBPVVRGSUxFICcvY29tcGxldGUvcGF0aC9Vc2VyVGFibGUudHh0OjE=

It should be noted that the above base64 encoded string contains the following data:

' OR 1=1 INTO OUTFILE '/complete/path/UserTable.txt:1

相关推荐: Qualcomm Qpopper Poppassd Local Arbitrary Command Execution Vulnerability

Qualcomm Qpopper Poppassd Local Arbitrary Command Execution Vulnerability 漏洞ID 1100380 漏洞类型 Design Error 发布时间 2003-04-28 更新时间 2003…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享