Creative Community Portal 多个SQL注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1110231 漏洞类型 SQL注入
发布时间 2006-05-08 更新时间 2006-05-09
CVE编号 CVE-2006-2255 CNNVD-ID CNNVD-200605-141
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/27836
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200605-141
|漏洞详情
CreativeCommunityPortal1.1及之前版本存在多个SQL注入漏洞。远程攻击者可以借助(1)对(a)ArticleView.php的article_id参数,(2)对(b)DiscView.php或(c)Discussions.php的forum_id参数,(3)对(d)EventView.php的event_id参数,对(e)PollResults.php的(4)AddVote和(5)answer_id参数,或对(f)DiscReply.php.的(7)mid参数,执行任意SQL指令。
|漏洞EXP
source: http://www.securityfocus.com/bid/17890/info
     
Creative Community Portal is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
     
A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
     
Version 1.1 of Creative Community Portal is vulnerable to these issues; other versions may also be affected.

http://www.example.com/DiscReply.php?forum_id=1&mid=[SQL]
|参考资料

来源:VUPEN
名称:ADV-2006-1688
链接:http://www.frsirt.com/english/advisories/2006/1688
来源:SECUNIA
名称:19999
链接:http://secunia.com/advisories/19999
来源:XF
名称:ccportal-multiple-sql-injection(26313)
链接:http://xforce.iss.net/xforce/xfdb/26313
来源:BID
名称:17890
链接:http://www.securityfocus.com/bid/17890
来源:OSVDB
名称:25312
链接:http://www.osvdb.org/25312
来源:OSVDB
名称:25311
链接:http://www.osvdb.org/25311
来源:OSVDB
名称:25310
链接:http://www.osvdb.org/25310
来源:OSVDB
名称:25309
链接:http://www.osvdb.org/25309
来源:OSVDB
名称:25308
链接:http://www.osvdb.org/25308
来源:OSVDB
名称:25307
链接:http://www.osvdb.org/25307
来源:MISC
链接:http://pridels0.blogspot.com/2006/05/creative-community-portal-vuln.html