Details
- Type: Bug
- Status: Closed
- Priority: Minor
- Resolution: Fixed
- Affects Version/s: 3.5.3, 4.0 RC3
- Fix Version/s: 4.0 RC4
- Component/s: None
- Labels: None
- Originating Party: Experts
Description
2) SQL Injection in Newscoop
2.1 Input passed via the "f_country_code" GET parameter to
/admin/country/edit.php is not properly sanitised before being used in
an SQL query.
This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The following PoC (Proof of Concept) demonstrates the vulnerability:
http://[host]/admin/country/edit.php?f_country_code=%27%20union%20select%201,2,version%28%29%20--%202
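
The flaw class described in 2.1 and its fix, as an added example that is not Newscoop's code or part of the original report. The table, column names and the two-letter code format are assumptions, SQLite stands in for the application's database, and a stub `version()` function is registered so the parameter value from the PoC above runs unchanged.

```python
import re
import sqlite3
from urllib.parse import unquote

# Value of f_country_code from the PoC URL on this page, URL-decoded.
POC = unquote("%27%20union%20select%201,2,version%28%29%20--%202")

def make_db():
    """Constructed stand-in database; table and column names are assumptions."""
    db = sqlite3.connect(":memory:")
    # SQLite has no version(); register a stub so the PoC string runs unchanged.
    db.create_function("version", 0, lambda: "constructed-db-version")
    db.execute("CREATE TABLE Countries (Code TEXT, IdLanguage INTEGER, Name TEXT)")
    db.executemany("INSERT INTO Countries VALUES (?, ?, ?)",
                   [("CZ", 1, "Czech Republic"), ("DE", 1, "Germany")])
    return db

def lookup_concatenated(db, f_country_code):
    """Flawed pattern: the parameter becomes part of the SQL text."""
    sql = ("SELECT Code, IdLanguage, Name FROM Countries "
           "WHERE Code = '" + f_country_code + "'")
    return db.execute(sql).fetchall()

def lookup_bound(db, f_country_code):
    """Fix: the parameter is bound as a value and never parsed as SQL."""
    sql = "SELECT Code, IdLanguage, Name FROM Countries WHERE Code = ?"
    return db.execute(sql, (f_country_code,)).fetchall()

def valid_country_code(value):
    """Defence in depth: accept only two ASCII letters (assumed code format)."""
    return re.fullmatch(r"[A-Za-z]{2}", value) is not None

if __name__ == "__main__":
    db = make_db()
    for value in ("CZ", POC):
        print(repr(value), "valid:", valid_country_code(value))
        print("  concatenated:", lookup_concatenated(db, value))
        print("  bound:       ", lookup_bound(db, value))
```

With the concatenated query the UNION row is returned in place of a country record; with the bound parameter the same input is compared as a literal string and matches nothing.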