Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:25377
HistoryDec 21, 2010 - 12:00 a.m.

www.eVuln.com : Authentication Bypass by SQL Injection in Social Share

2010-12-2100:00:00
vulners.com
58
JSON

www.eVuln.com advisory:
Authentication Bypass by SQL Injection in Social Share
Summary: http://evuln.com/vulns/167/summary.html
Details: http://evuln.com/vulns/167/description.html

-----------Summary-----------
eVuln ID: EV0167
Software: Social Share
Vendor: n/a
Version: 2010-06-05
Critical Level: medium
Type: SQL Injection
Status: Unpatched. No reply from developer(s)
PoC: Available
Solution: Not available
Discovered by: Aliaksandr Hartsuyeu ( http://evuln.com/ )

--------Description--------
Parameter username is not properly sanitized before being used in a SQL query.
This can be used to make any SQL query by injecting arbitrary SQL code and log in
without password.

Vulnerable script: functions.php

Condition: magic_quotes: off

--------PoC/Exploit--------
PoC code is available at:
http://evuln.com/vulns/167/exploit.html

---------Solution----------
Not available

----------Credit-----------
Vulnerability discovered by Aliaksandr Hartsuyeu
http://evuln.com/auth-bypass/sql-injection.html - recent SQL Injection Auth Bypass
vulns

JSON