[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[eVuln] Teca Diary PE SQL Injection Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [eVuln] Teca Diary PE SQL Injection Vulnerability
From: alex@xxxxxxxxx
Date: 23 Feb 2006 15:45:57 -0000

New eVuln Advisory:
Teca Diary PE SQL Injection Vulnerability
http://evuln.com/vulns/75/summary.html

--------------------Summary----------------
eVuln ID: EV0075
CVE: CVE-2006-0729
Software: Teca Diary PE
Sowtware's Web Site: http://www.teca-scripts.com
Versions: 1.0
Critical Level: Moderate
Type: SQL Injection
Class: Remote
Status: Unpatched. No reply from developer(s)
Exploit: Available
Solution: Not Available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

-----------------Description---------------
Vulnerable script: functions.php

Variables $yy $mm $dd are not properly sanitized. This can be used to make any 
SQL query by injecting arbitrary SQL code.

--------------Exploit----------------------
Available at: http://evuln.com/vulns/75/exploit.html

--------------Solution---------------------
No Patch available.

--------------Credit-----------------------
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)


Regards,
Aliaksandr Hartsuyeu
http://evuln.com - Penetration Testing Services
.

Prev by Date: Secunia Research: Visnetic AntiVirus Plug-in for MailServer Privilege Escalation
Next by Date: Secunia Research: WinACE ARJ Archive Handling Buffer Overflow
Previous by thread: Secunia Research: Visnetic AntiVirus Plug-in for MailServer Privilege Escalation
Next by thread: Secunia Research: WinACE ARJ Archive Handling Buffer Overflow
Index(es):
- Date
- Thread