XtremeASP PhotoGallery Adminlogin.ASP SQL Injection Vulnerability

Vulnerability ID: 1107633
Vulnerability type: SQL injection
Published: 2004-01-16
Updated: 2004-12-31
CVE: CVE-2004-2746
CNNVD ID: CNNVD-200412-238
Platform: ASP
CVSS score: 7.5
|Sources
https://www.exploit-db.com/exploits/23547
https://cxsecurity.com/issue/WLB-2007110020
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-238
|Details
XtremeASP PhotoGallery is a web-based image management application. Its administration script does not correctly handle user-submitted authentication data, so a remote attacker can exploit this flaw to gain unauthorized access to the application without any credentials. The problem lies in the 'admin/adminlogin.asp' script: because the username and password values are not sufficiently filtered, submitting malicious data can bypass authentication and grant unauthorized access to the application.
|Exploit
source: http://www.securityfocus.com/bid/9438/info

XtremeASP PhotoGallery is prone to an SQL injection vulnerability. The issue is reported to exist in the administration login interface, which does not sufficiently sanitize user-supplied input for username and password values before including it in SQL queries. This could permit remote attackers to pass malicious input to database queries.

http://www.example.com/photoalbum/admin/adminlogin.asp

If we type:

Username: 'or'
Password: 'or'

We gain admin access to the password protected
administrative pages.
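To make the defect concrete from the fixing side, the following Python/sqlite3 sketch is an added example, not the gallery's own ASP code; the `admin` table and its credentials are a constructed stand-in for whatever schema the application really uses. It contrasts the string-concatenated query pattern the advisory describes with a parameterised query, using the advisory's `'or'` input to show how a quote in the data rewrites the SQL text, and a database syntax error as the defender's sign that input is reaching the SQL parser at all.

```python
import sqlite3

# Constructed in-memory stand-in for the gallery's admin table (hypothetical
# schema; a real application should store a password hash, not the password).
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE admin (username TEXT, password TEXT)")
    db.execute("INSERT INTO admin VALUES ('admin', 'correct horse')")
    return db

def vulnerable_query(username, password):
    # The pattern the advisory describes: form fields pasted into SQL text.
    return ("SELECT COUNT(*) FROM admin WHERE username='" + username
            + "' AND password='" + password + "'")

def vulnerable_login(db, username, password):
    # A quote inside the input ends the string literal, so the rest of the
    # input is parsed as SQL (keywords, operators) instead of compared as data.
    return db.execute(vulnerable_query(username, password)).fetchone()[0] > 0

def input_reaches_parser(db, username, password):
    # Defender's check: a syntax error from the database proves the input was
    # interpreted as SQL, which is exactly what a parameterised query prevents.
    try:
        vulnerable_login(db, username, password)
        return False
    except sqlite3.OperationalError:
        return True

def safe_login(db, username, password):
    # Parameterised query: the values travel separately from the statement,
    # so quotes and keywords in them are only ever compared, never parsed.
    row = db.execute(
        "SELECT COUNT(*) FROM admin WHERE username=? AND password=?",
        (username, password)).fetchone()
    return row[0] > 0
```

Whether a particular quote-breaking input also returns a row depends on how the backend evaluates the rewritten expression; the defensive point is that with the concatenated form the input reaches the parser at all, while the parameterised form treats `'or'` as an ordinary, non-matching username.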
|References

Source: www.pensacolawebdesigns.com
Link: http://www.pensacolawebdesigns.com/xtremeasp/readmore.asp
Source: XF
Name: xtremeaspphotogallery-or-sql-injection(14860)
Link: http://xforce.iss.net/xforce/xfdb/14860
Source: BID
Name: 9438
Link: http://www.securityfocus.com/bid/9438
Source: BUGTRAQ
Name: 20040115XtremeASPPhotoGallery
Link: http://www.securityfocus.com/archive/1/archive/1/350028/30/21640/threaded
Source: OSVDB
Name: 3585
Link: http://www.osvdb.org/3585
Source: SECTRACK
Name: 1008745
Link: http://securitytracker.com/id?1008745
Source: SECUNIA
Name: 10659
Link: http://secunia.com/advisories/10659
Source: SREASON
Name: 3346
Link: http://securityreason.com/securityalert/3346
Source: NSFOCUS
Name: 5944
Link: http://www.nsfocus.net/vulndb/5944