Re: CVE request - Batavi 1.2.1 Fixes Blind SQL Injection vulnerability in boxToReload parameter of ajax.php

[Kurt Seifried <kseifried () redhat com>]

On 01/18/2012 06:31 AM, Ronald van den Blink wrote:
> Hi,
>
> Can we please have a CVE assigned for the following fix in Batavi 1.2.1 
> (http://sourceforge.net/projects/batavi/files/).
>
> As pointed out by Canberk BOLAT of Mavituna Security, version before 1.2.1 have a Blind SQL Injection Vulnerability 
> in the boxToReload parameter of ajax.php. This has been fixed in Batavi 1.2.1.
>
> Relevant part of the changelog:
>
> For details about the changes of the downloaded version you'll find a changes.txt in the root folder of the package.
>
> Version 1.2.1
>
> [..]
>
> Security:
>
> - Fixed SQL injection in modules;
> - Improvements methods of Database to handle it;
> - All data which come from user going via special check to strip all dangerous values.
>
> [..]
>
> With kind regards,
>
> Ronald van den Blink
> Project Manager 
> Iceshop BV
>
> Iceshop BV is the main contributor to the next generation open source e-commerce software Batavi. Batavi is the first 
> open source e-commerce software that can easy handle more than 100.000 products and has native Icecat 
> (www.icecat.biz) integration. 
Can you include a link to the code commit(s) that fiix this? Thanks.

-- 

-- Kurt Seifried / Red Hat Security Response Team