Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.5.3, 4.0 RC3
    • Fix Version/s: 4.0 RC4
    • Component/s: None
    • Labels:
      None
    • Originating Party:
      Experts

      Description

      2) SQL Injection in Newscoop

      2.1 Input passed via the "f_country_code" GET parameter to
      /admin/country/edit.php is not properly sanitised before being used in
      an SQL query.
      This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

      The following PoC (Proof of Concept) demonstrates the vulnerability:

      http://[host]/admin/country/edit.php?f_country_code=%27%20union%20select%201,2,version%28%29%20--%202
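
One way to close this class of bug, shown as an added example that is neither Newscoop's code nor the actual fix: validate `f_country_code` against an allow-list pattern and pass it to the query as a bound parameter. The `Countries` schema, the two-letter code format, the function names and the sample rows are assumptions constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the application's database (assumed schema).
function demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE Countries (Code TEXT, IdLanguage INTEGER, Name TEXT)');
    $pdo->exec("INSERT INTO Countries VALUES ('CZ', 1, 'Czech Republic'), ('DE', 1, 'Germany')");
    return $pdo;
}

// Allow-list check: accept only a two-letter code (assumed format), reject everything else.
function parse_country_code(mixed $raw): ?string
{
    if (!is_string($raw) || preg_match('/\A[A-Za-z]{2}\z/', $raw) !== 1) {
        return null;
    }
    return strtoupper($raw);
}

// The value travels as a bound parameter, never as part of the SQL text.
function find_country(PDO $pdo, string $code): array
{
    $stmt = $pdo->prepare('SELECT Code, IdLanguage, Name FROM Countries WHERE Code = :code');
    $stmt->execute([':code' => $code]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$pdo = demo_db();
// Decoded value of the f_country_code parameter from the PoC URL above.
$poc = urldecode('%27%20union%20select%201,2,version%28%29%20--%202');

foreach (['CZ', $poc] as $input) {
    $code = parse_country_code($input);
    if ($code === null) {
        // A request handler would answer 400 here; the query is never built.
        printf("rejected: %s\n", var_export($input, true));
        continue;
    }
    printf("%s -> %d row(s)\n", $code, count(find_country($pdo, $code)));
}

// Defense in depth: even without validation, binding keeps the payload inert.
printf("bound PoC value -> %d row(s)\n", count(find_country($pdo, $poc)));
```

The last line matters for regression testing: a bound value is compared as a literal string, so the PoC input matches no row instead of altering the statement.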

        Activity

        Petr Jasek added a comment -

        fixed 3.5 and 4.0


          People

          • Assignee:
            Ofir Gal
            Reporter:
            Ofir Gal
            Implemented by:
            Petr Jasek
          • Votes:
            0
            Watchers:
            0

            Dates

            • Created:
              Updated:
              Resolved:
