| Printable Version of Topic |
| Click here to view this topic in its original format |
| SePortal - The Weblog System -> Forums -> Cok önemli 2 güvenlik acigi |
| Sender: Messenger 07.12.2008 18:36 |
| Seportalin 2 tane cok önemli güvenirlik acigi var.Acilen cözülmesi gerekiyor. SePortal 'poll.php' SQL Injection Vulnerability SePortal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. SePortal 2.4 is vulnerable; other versions may also be affected. SePortal 'poll.php' SQL Injection Vulnerability An attacker can exploit this issue through a web browser. The following example URI is available. http://www.example.com/poll.php? poll_id=1'+union+select+1,convert(concat_ws(0x3a3a ,user_name,user_password)+using+latin1),1,1,1,1,1, 1,1,1+from+seportal_users+limit+1,1/* Some vulnerabilities in SePortal, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "poll_id" parameter in poll.php and to the "sp_id" parameter in staticpages.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 2.4. Other versions may also be affected. Solution Edit the source code to ensure that input is properly sanitised. Lütfen bu aciklari en kisa zamanda kapatalim.!!! |
| Sender: borak07 17.12.2009 21:59 |
| 2.5 versiyonunda bu sorun giderilmiş sanırım. Eski versiyonları kullananların 2.5 upgrate dosyalarını indirmeleri lazım. |