[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SQL Injection in LightNEasy

Not only was this previously discovered, you don't seem to understand the 

On Thu, 30 Dec 2010, advisory@xxxxxxxxxxx wrote:

: Vulnerability ID: HTB22754
: Reference: http://www.htbridge.ch/advisory/sql_injection_in_lightneasy_1.html
: Product: LightNEasy
: Vulnerability Details:
: The vulnerability exists due to failure in the "/LightNEasy.php" script to properly sanitize user-supplied input in "handle" variable from cookies.

: GET / HTTP/1.1
: Cookie: userhandle=123"SQL_CODE_HERE

That looks like the "userhandle" cookie, not the "handle"?


SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows 
remote attackers to execute arbitrary SQL commands via the userhandle 
cookie to LightNEasy.php, a different vector than CVE-2008-6593. NOTE: the 
provenance of this information is unknown; the details are obtained solely 
from third party information.