NetClassifieds Premium Edition SQL注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1113169 漏洞类型 SQL注入
发布时间 2007-06-21 更新时间 2007-06-25
CVE编号 CVE-2007-3354 CNNVD-ID CNNVD-200706-379
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/30223
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200706-379
|漏洞详情
NetClassifiedsPremiumEdition中存在多个SQL注入漏洞。远程攻击者可以借助提交到ViewCat.php的s_user_id参数和其他未明向量,执行任意的SQL指令。
|漏洞EXP
source: http://www.securityfocus.com/bid/24584/info

NetClassifieds is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-supplied input. These vulnerabilities include multiple SQL-injection issues and cross-site scripting issues.

A successful exploit may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

NetClassifieds Free, Standard, Professional, and Premium editions are reported vulnerable. 

http://www.example.com/ViewCat.php?CatID=-8+union+select+1,email,3+from+users/*
http://www.example.com/ViewCat.php?s_user_id='+union+select+user_password+from+users+where%20user_id=1/*
|参考资料

来源:BID
名称:24584
链接:http://www.securityfocus.com/bid/24584
来源:BUGTRAQ
名称:20070621NetClassifieds[multiplevulnerabilities]
链接:http://www.securityfocus.com/archive/1/archive/1/471944/100/0/threaded
来源:OSVDB
名称:36330
链接:http://osvdb.org/36330
来源:XF
名称:netclassifieds-viewcat-sql-injection(34994)
链接:http://xforce.iss.net/xforce/xfdb/34994
来源:SREASON
名称:2824
链接:http://securityreason.com/securityalert/2824