Elxis CMS <= 2006.4 - banner module - sql injection

Board: Bugtraq | Author: | Time: 18 years ago (2007/06/15 02:54) | Edited | Votes: 0 (0/0/0)
Elxis Content Management System Banner Mod SQL Injection
Jun 14 2007
-------------------------------------------------------------------------------

* Product
  Elxis Content Management System

* Vulnerable Versions
  All versions to 2006.4 of the Elxis CMS.

* Vendor Status
  The Vendor was notified and the issue fixed. A patch can be found at:
  http://www.elxis.org/index.php?option=com_mtree&task=viewlink&link_id=98&Itemid=140

* Details
  The banner module of the Elxis Content Management System is vulnerable to
  an SQL injection. The module keeps track of already displayed banners and
  stores their IDs in a cookie named `mb_tracker'. The cookie value is then
  used in an SQL query to get the next, not yet shown banner.

* Impact
  By modifying the cookie value, an attacker might be able to execute SQL
  queries.

* Exploit
  No exploit required.

-------------------------------------------------------------------------------
Copyright (C) Nico Leidecker 2007 <nico@leidecker.info>.

Permission is hereby granted for the electronic redistribution of this
information. It is not to be edited or altered in any way without the express
written consent of the author.

The information herein contained may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There are NO
warranties, implied or otherwise, with regard to this information or its use.
Any use of this information is at the user's risk. In no event shall the
author/distributor be held liable for any damages whatsoever arising out of
or in connection with the use or spread of this information.
Article ID (AID): #16SOxG00 (Bugtraq)
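The cookie-driven "next banner" lookup the advisory describes, as an added Python/sqlite3 example that is not code from Elxis or from the advisory author: the insecure pattern pastes the `mb_tracker` cookie into the query text, the hardened one accepts only numeric IDs and binds them as parameters. The table name, columns and sample rows are constructed assumptions, not the CMS schema.

```python
"""Banner-rotation lookup: the insecure cookie pattern beside a hardened one."""
import re
import sqlite3

# Constructed sample banners standing in for the CMS banner table.
SAMPLE_BANNERS = [(1, "ad-one"), (2, "ad-two"), (3, "ad-three")]


def open_sample_db() -> sqlite3.Connection:
    """Build an in-memory database holding the constructed banners."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE banners (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO banners VALUES (?, ?)", SAMPLE_BANNERS)
    return conn


def next_banner_insecure(conn, mb_tracker: str):
    """Insecure pattern: the raw cookie string becomes part of the SQL text,
    so whatever the client stores in the cookie is parsed as SQL."""
    sql = (f"SELECT id, name FROM banners WHERE id NOT IN ({mb_tracker}) "
           "ORDER BY id LIMIT 1")
    return conn.execute(sql).fetchone()


def parse_tracker_cookie(mb_tracker: str) -> list[int]:
    """Accept only a comma-separated list of ASCII decimal IDs; reject the rest."""
    if mb_tracker.strip() == "":
        return []
    ids = []
    for part in mb_tracker.split(","):
        part = part.strip()
        if not re.fullmatch(r"[0-9]+", part):
            raise ValueError("mb_tracker must contain only numeric banner IDs")
        ids.append(int(part))
    return ids


def next_banner_hardened(conn, mb_tracker: str):
    """Hardened lookup: validated IDs are bound as parameters, never concatenated."""
    shown = parse_tracker_cookie(mb_tracker)
    if not shown:
        return conn.execute(
            "SELECT id, name FROM banners ORDER BY id LIMIT 1").fetchone()
    placeholders = ",".join("?" for _ in shown)
    sql = (f"SELECT id, name FROM banners WHERE id NOT IN ({placeholders}) "
           "ORDER BY id LIMIT 1")
    return conn.execute(sql, shown).fetchone()
```

A malformed cookie now fails validation before any query runs, which is also the condition a web-application firewall or request log review would flag.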