lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.63.0509300551230.26802@forced.attrition.org>
Date: Fri, 30 Sep 2005 05:54:17 -0400 (EDT)
From: security curmudgeon <jericho@...rition.org>
To: Petko Petkov <ppetkov@...citizen.org>
Cc: retrogod@...ceposta.it, bugtraq@...urityfocus.com
Subject: Re: PHP-Fusion v6.00.109 SQL Injection / admin|users credentials
 disclosure



: I believe that this thing has been discovered and fixed long time ago.
: check this out, maybe I am wrong:
: http://www.gnucitizen.org/writings/php-fusion-messages.php-sql-injection-vulnerability.xhtml

Your advisory:

POST fields pm_email_notify and pm_save_sent are not properly sanitized. 

Rgod's advisory:

msg_send=' UNION SELECT [..]

BID 14489 / OSVDB 18708:

msg_view=' 


So three advisories or points of disclosure, 4 different variables, all in 
messages.php it seems. Close, but this seems like a different issue.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ