Phorum Phorum_URIAuth远程SQL注入漏洞

Phorum Phorum_URIAuth远程SQL注入漏洞

漏洞ID 1107889 漏洞类型 输入验证
发布时间 2004-04-19 更新时间 2005-10-20
图片[1]-Phorum Phorum_URIAuth远程SQL注入漏洞-安全小百科CVE编号 CVE-2004-1938
图片[2]-Phorum Phorum_URIAuth远程SQL注入漏洞-安全小百科CNNVD-ID CNNVD-200404-071
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/24016
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200404-071
|漏洞详情
Phorum是一款基于WEB的论坛程序。Phorum没有充分过滤用户提交的输入,远程攻击者利用这个漏洞进行SQL注如入攻击,可获得敏感信息或破坏数据库。由于Phorum包含的脚本’include/userlogin.php’对’$user’参数缺少充分过滤,虽然程序使用了”Magicquotes”,但$phorum_uriauth使用”%2527″参数,后续的urldecode()操作就会解析成”‘”,因此提交恶意SQL命令给参数,可绕过原有数据库逻辑,获得敏感信息或者可以更改数据库操作。
|漏洞EXP
source: http://www.securityfocus.com/bid/10173/info

Reportedly Phorum is affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitized user supplied URI input.

This issue may allow a remote attacker to manipulate query logic, leading to unauthorized access to sensitive information such as the user password hash or corruption of database data. SQL injection attacks may also potentially be used to exploit latent vulnerabilities in the underlying database implementation.

http://www.example.com/index.php?modname=saf&id=4
|参考资料

来源:BID
名称:10173
链接:http://www.securityfocus.com/bid/10173
来源:SECUNIA
名称:11407
链接:http://secunia.com/advisories/11407
来源:XF
名称:phorum-userlogin-sql-injection(15894)
链接:http://xforce.iss.net/xforce/xfdb/15894
来源:www.waraxe.us
链接:http://www.waraxe.us/index.php?modname=sa&id;=19
来源:BUGTRAQ
名称:20040419[waraxe-2004-SA#019-CriticalsqlinjectionbuginPhorum3.4.7]
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=108239796512897&w;=2

相关推荐: Mutt Text/Enriched Handler Buffer Overflow Vulnerability

Mutt Text/Enriched Handler Buffer Overflow Vulnerability 漏洞ID 1104558 漏洞类型 Boundary Condition Error 发布时间 1999-09-27 更新时间 1999-09-2…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享