Full Disclosure mailing list archives
www.eVuln.com : "wsnuser" Cookie SQL Injection vulnerability in WSN Guest
From: Aliaksandr Hartsuyeu <bt () evuln com>
Date: Fri, 18 Feb 2011 10:36:19 +0200
www.eVuln.com advisory: "wsnuser" Cookie SQL Injection vulnerability in WSN Guest -----------Summary----------- http://evuln.com/vulns/174/summary.html eVuln ID: EV0174 Software: WSN Guest Vendor: n/a Version: 1.24 Critical Level: medium Type: SQL Injection Status: Unpatched. No reply from developer(s) PoC: Available Solution: Not available Discovered by: Aliaksandr Hartsuyeu ( http://evuln.com/ ) --------Description-------- http://evuln.com/vulns/174/description.html SQL Injection in "wsnuser" Cookie It is possible to inject arbitrary SQL query using "wsnuser" cookie parameter in the "index.php" script. Parameter "wsnuser" is used in SQL query without proper sanitation. --------PoC/Exploit-------- PoC code is available at: http://evuln.com/vulns/174/exploit.html ---------Solution---------- Not available ----------Credit----------- Vulnerability discovered by Aliaksandr Hartsuyeu http://evuln.com/penetration-test.html - website manual penetration testing _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- www.eVuln.com : "wsnuser" Cookie SQL Injection vulnerability in WSN Guest Aliaksandr Hartsuyeu (Feb 18)