| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 25 Nov 2010 06:11:01 -0700 From: bt@...ln.com To: bugtraq@...urityfocus.com Subject: [eVuln.com] SQL injections in FreeTicket Subject: [eVuln.com] SQL injections in FreeTicket New eVuln Advisory: SQL injections in FreeTicket Summary: http://evuln.com/vulns/146/summary.html Details: http://evuln.com/vulns/146/description.html -----------Summary----------- eVuln ID: EV0146 Software: FreeTicket Vendor: Mrcgiguy Version: 1.0.0 Critical Level: medium Type: SQL injection Status: Unpatched. No reply from developer(s) PoC: Available Solution: Not available Discovered by: Aliaksandr Hartsuyeu ( http://evuln.com/ ) --------Description-------- 1. 'id' SQL injection Vulnerability found in contact.php script. User-defined variable id is not properly sanitized before being used in SQL query. This can be used to execute arbitrary SQL query. 2. 'email' SQL injection Vulnerable script is contact.php script. 'email' parameter is not properly sanitized before being used in SQL query. --------PoC/Exploit-------- PoC code is available at: http://evuln.com/vulns/146/exploit.html ---------Solution---------- Not available ----------Credit----------- Vulnerability discovered by Aliaksandr Hartsuyeu http://evuln.com/xss/bbcode.html - recent XSS in bbcode
Powered by blists - more mailing lists