|
|
Info |
Last Modified |
| 2 months ago |
|
|
|
|
|
Description |
PostNuke contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the "sif" variable in the "modules/NS-Comments/index.php" module is not verified properly and will allow an attacker to inject or manipulate SQL queries.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Information Disclosure,
Input Manipulation
Impact:
Loss of Confidentiality,
Loss of Integrity
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
OSVDB:
Web Related
|
|
Solution |
PostNuke has released a patch to address this vulnerability. It is also possible to correct the flaw by implementing the following workaround: Modify the source code such that the $sid and $pid variables in modules/NS-Comments/index.php line 1142 are properly verified:
VALUES ($nextid,
'".pnVarPrepForStore($pid)."',
'".pnVarPrepForStore($sid)."',
now(),
'".pnVarPrepForStore($uname)."',
'".pnVarPrepForStore($email)."',
'".pnVarPrepForStore($url)."',
'".pnVarPrepForStore($ip)."',
'".pnVarPrepForStore($subject)."',
'".pnVarPrepForStore($comment)."',
'".pnVarPrepForStore($score)."',
0)");
|
|
Products |
|
PostNuke
 |
0.723 |
0.726 |
0.726-1 |
|
|
|
|
Credit |
- pokleyzz - pokleyzz
 scan-associates.net - SCAN Associates Sdn. Bhd.
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
