"""snip""" --------------------------------------------------------------------------- phpWebSite <= 0.10.? (topics.php) Remote SQL Injection Exploit --------------------------------------------------------------------------- Discovered By SnIpEr_SA Author : SnIpEr_SA Exploit in Perl : http://www.milw0rm.com/exploits/1525 Remote : Yes Local : No Critical Level : Dangerous --------------------------------------------------------------------------- Affected software description: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Application : phpWebSite version : 0.10.? URL : http://phpwebsite.appstate.edu/ ... ------------------------------------------------------------------ """snip"""
ed: Any clue on a fixed version ? or patch ?
> Exploit: > ~~~~~~~~ > # http://example.com/path/topics.php?op=viewtopic&topic=-1 Union select name,name,pass,name From users where uid=1 This seems incorrect. There's no "topics.php" in our phpwebsite-0.10.2_rc2 '0.10.0-full was the last release to ship with a topics.php file. The file was part of "convert".' [1] [1] http://www.securityfocus.com/archive/1/431025/30/0/threaded
Closing as INVALID, feel free to reopen if you have any evidence we are indeed affected.
