Bugtraq mailing list archives
Re: Advanced Guestbook 2.2 -- SQL Injection Exploit
From: <mary () gmbwebworks com>
Date: 12 Feb 2005 20:37:32 -0000
In-Reply-To: <20040421103632.8258.qmail () www securityfocus com>
Received: (qmail 26376 invoked from network); 21 Apr 2004 20:40:00 -0000 Received: from outgoing2.securityfocus.com (HELO outgoing.securityfocus.com) (205.206.231.26) by mail.securityfocus.com with SMTP; 21 Apr 2004 20:40:00 -0000 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing.securityfocus.com (Postfix) with QMQP id EEF39143805; Wed, 21 Apr 2004 22:32:37 -0600 (MDT) Mailing-List: contact bugtraq-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:bugtraq () securityfocus com> List-Help: <mailto:bugtraq-help () securityfocus com> List-Unsubscribe: <mailto:bugtraq-unsubscribe () securityfocus com> List-Subscribe: <mailto:bugtraq-subscribe () securityfocus com> Delivered-To: mailing list bugtraq () securityfocus com Delivered-To: moderator for bugtraq () securityfocus com Received: (qmail 3881 invoked from network); 21 Apr 2004 09:08:27 -0000 Date: 21 Apr 2004 10:36:32 -0000 Message-ID: <20040421103632.8258.qmail () www securityfocus com> Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.411 (Entity 5.404) From: JQ <idiosyncrasie () xs4all nl> To: bugtraq () securityfocus com Subject: Advanced Guestbook 2.2 -- SQL Injection Exploit The widely-used Advanced Guestbook 2.2 webapplication (PHP, MySQL) appears vulnerable to SQL Injection granting the attacker administrator access. The attack is very simple and consists of inputting the following password string leaving the username entry blank: ') OR ('a' = 'a Regards, JQ
Upgrading an installation of Advanced Guestbook 2.2 to version 2.3.1 will fix this vulnerability.
Current thread:
- Re: Advanced Guestbook 2.2 -- SQL Injection Exploit mary (Feb 12)