CJ Ultra (CJUltra) Plus SQL注入漏洞

26次阅读
没有评论

CJ Ultra (CJUltra) Plus SQL注入漏洞

漏洞ID 1108757 漏洞类型 SQL注入
发布时间 2005-05-06 更新时间 2005-05-11
CJ Ultra (CJUltra) Plus SQL注入漏洞CVE编号 CVE-2005-1506
CJ Ultra (CJUltra) Plus SQL注入漏洞CNNVD-ID CNNVD-200505-938
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/25623
https://www.securityfocus.com/bid/88753
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200505-938
|漏洞详情
CJUltra(CJUltra)Plus1.0.3和1.0.4中的out.php存在SQL注入漏洞,远程攻击者可以通过perm参数来执行任意SQL命令。
|漏洞EXP
source: http://www.securityfocus.com/bid/13533/info

CJ Ultra Plus is prone to an SQL injection vulnerability.

This issue affects the 'out.php' script and could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks. 

/out.php?url=sad&perm=33333333333333333333333333332'%20UNION%20SELECT%20b12,b12%20FROM%20settings%20INTO%20OUTFILE%20'/path/to/ur/dir/x.txt/*
|受影响的产品
CJ Ultra Plus 1.0.4

CJ Ultra Plus 1.0.3

|参考资料

来源:SECUNIA
名称:15281
链接:http://secunia.com/advisories/15281
来源:BUGTRAQ
名称:20050505SqlInjectioninCJUltraPlusv1.0.3-1.0.4
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=111539589013911&w;=2

相关推荐: Netscape Enterprise Server for Netware Buffer Overflow Vulnerability

Netscape Enterprise Server for Netware Buffer Overflow Vulnerability 漏洞ID 1104080 漏洞类型 Boundary Condition Error 发布时间 2000-06-26 更新…

正文完
 0