vBSupport Integrated Ticket System vBSupport.php SQL Injection Vulnerability

Vulnerability ID: 1113114    Vulnerability type: SQL injection
Published: 2007-06-09    Updated: 2007-06-12
CVE ID: CVE-2007-3196    CNNVD ID: CNNVD-200706-219
Platform: PHP    CVSS score: 7.5
|Vulnerability sources
https://www.exploit-db.com/exploits/30168
https://www.securityfocus.com/bid/81762
https://cxsecurity.com/issue/WLB-2007060056
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200706-219
|Vulnerability details
vBSupport.php in the vSupport Integrated Ticket System contains an SQL injection vulnerability. A remote attacker can execute arbitrary SQL statements via the ticketid parameter of the showticket action.
|Exploit
source: http://www.securityfocus.com/bid/24397/info

vBSupport is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.

http://www.example.com/4/vBSupport.php?do=showticket&ticketid=[SQL]
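A defender-side check for the request pattern described above, as an added example that is not part of the advisory: it scans web server access logs (combined log format) for showticket requests whose ticketid is not a plain integer, which is the only value the parameter should ever carry. The log lines are constructed samples, and the path and parameter names come from the exploit URL on this page.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not taken from the advisory.
SAMPLE_LOG = """\
10.0.0.5 - - [09/Jun/2007:10:01:02 +0000] "GET /4/vBSupport.php?do=showticket&ticketid=42 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
10.0.0.9 - - [09/Jun/2007:10:01:07 +0000] "GET /4/vBSupport.php?do=showticket&ticketid=42%27 HTTP/1.1" 500 512 "-" "curl/7.15"
10.0.0.9 - - [09/Jun/2007:10:01:09 +0000] "GET /4/vBSupport.php?do=showticket HTTP/1.1" 200 1800 "-" "curl/7.15"
10.0.0.7 - - [09/Jun/2007:10:02:00 +0000] "GET /4/index.php HTTP/1.1" 200 300 "-" "Mozilla/5.0"
"""

# Pulls client IP, request target and status code out of a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# A ticket id is an unsigned decimal integer; anything else has no legitimate use.
INT_RE = re.compile(r'^\d{1,10}$')


def check_request(target):
    """Return a reason string if `target` is a suspicious showticket call, else None."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith('/vbsupport.php'):
        return None
    qs = parse_qs(parts.query, keep_blank_values=True)  # decodes %27 etc.
    if qs.get('do', [''])[0].lower() != 'showticket':
        return None
    values = qs.get('ticketid', [])
    if not values:
        return 'showticket without ticketid'
    if len(values) > 1:
        return 'multiple ticketid values'
    if not INT_RE.match(values[0]):
        return f'non-numeric ticketid: {values[0]!r}'
    return None


def scan_log(text):
    """Yield (ip, status, reason) for every suspicious showticket request in the log."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable access-log line
        reason = check_request(m['target'])
        if reason:
            hits.append((m['ip'], m['status'], reason))
    return hits


if __name__ == '__main__':
    for ip, status, reason in scan_log(SAMPLE_LOG):
        print(f'{ip} status={status}: {reason}')
```

The same integer-only rule is the fix on the application side: cast ticketid to an integer (or bind it as an integer parameter) before it reaches the query.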
|Affected products
Jelsoft Vbsupport Integrated Ticket System 2.0 Beta 1
|References

Source: XF
Name: vbsupport-vbsupport-sql-injection(34804)
Link: http://xforce.iss.net/xforce/xfdb/34804
Source: BID
Name: 24397
Link: http://www.securityfocus.com/bid/24397
Source: BUGTRAQ
Name: 20070609 vSupport Integrated Ticket System 3.*.* SQL injection
Link: http://www.securityfocus.com/archive/1/archive/1/470966/100/0/threaded
Source: OSVDB
Name: 37331
Link: http://osvdb.org/37331
Source: SREASON
Name: 2795
Link: http://securityreason.com/securityalert/2795