[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SQL Injection in LightNEasy
Not only was this previously discovered, you don't seem to understand the
On Thu, 30 Dec 2010, advisory@xxxxxxxxxxx wrote:
: Vulnerability ID: HTB22754
: Reference: http://www.htbridge.ch/advisory/sql_injection_in_lightneasy_1.html
: Product: LightNEasy
: Vulnerability Details:
: The vulnerability exists due to failure in the "/LightNEasy.php" script to properly sanitize user-supplied input in "handle" variable from cookies.
: GET / HTTP/1.1
: Cookie: userhandle=123"SQL_CODE_HERE
That looks like the "userhandle" cookie, not the "handle"?
SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows
remote attackers to execute arbitrary SQL commands via the userhandle
cookie to LightNEasy.php, a different vector than CVE-2008-6593. NOTE: the
provenance of this information is unknown; the details are obtained solely
from third party information.