lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 25 Nov 2010 06:11:01 -0700
From: bt@...ln.com
To: bugtraq@...urityfocus.com
Subject: [eVuln.com] SQL injections in FreeTicket

Subject: [eVuln.com] SQL injections in FreeTicket

New eVuln Advisory:
SQL injections in FreeTicket
Summary: http://evuln.com/vulns/146/summary.html 
Details: http://evuln.com/vulns/146/description.html 

-----------Summary-----------
eVuln ID: EV0146
Software: FreeTicket
Vendor: Mrcgiguy
Version: 1.0.0
Critical Level: medium
Type: SQL injection
Status: Unpatched. No reply from developer(s)
PoC: Available
Solution: Not available
Discovered by: Aliaksandr Hartsuyeu ( http://evuln.com/ )
--------Description--------
1. 'id' SQL injection
Vulnerability found in contact.php script.
User-defined variable id is not properly sanitized before being used in SQL query.
This can be used to execute arbitrary SQL query.

2. 'email' SQL injection
Vulnerable script is contact.php script.
'email' parameter is not properly sanitized before being used in SQL query.
--------PoC/Exploit--------
PoC code is available at:
http://evuln.com/vulns/146/exploit.html 
---------Solution----------
Not available
----------Credit-----------
Vulnerability discovered by Aliaksandr Hartsuyeu
http://evuln.com/xss/bbcode.html - recent XSS in bbcode

Powered by blists - more mailing lists