Loadfactor Forum
April 28, 2007, 03:33:19 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Welcome to LimboForge Forum.
 
   Home   Help Search Login Register  

Loadfactor Forum > Limbo CMS > Limbo Security > Done!)limbo sql injection exploit / weblinks.html.php $catid
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Done!)limbo sql injection exploit / weblinks.html.php $catid  (Read 894 times)
0 Members and 1 Guest are viewing this topic.
itochan
Administrator
Jr. Member
*****
Offline Offline

Posts: 54


View Profile
« on: May 10, 2006, 10:45:42 AM »
how about this?

Quote
/components/com_weblinks/weblinks.html.php

before the line 8
Code:
if(!isset($page))$page=1;

insert this line
Code:
if(isset($catid)) $catid=(is_numeric($catid))?$catid:NULL ;

==
Done!

Cumulative Fix v8 (at 10 Mayl) can fix it.  Cheesy

==
Done!
You can also see secunia (I reported this Tongue )
« Last Edit: May 11, 2006, 08:18:59 AM by itochan » Logged
eternal beginner

when I suggest wrong, please correct me elegantly.
Lance
Jr. Member
**
Offline Offline

Posts: 62



View Profile WWW
« Reply #1 on: May 10, 2006, 10:55:51 AM »
Yes, it seems the earlier cumulative fix addressed the sql.php file.
The link to the code to exploit the sql injection exploit is here:
http://milw0rm.com/exploits/1751
I hope the code you provided fixes that one, thank you.
Logged
Drake CMS Project on SourceForge
Drake Forge
Drake CMS
gergero
Administrator
Newbie
*****
Offline Offline

Posts: 18


View Profile
« Reply #2 on: May 10, 2006, 12:16:36 PM »
I have updated the Cumulative Fix with the code provided by itochan (tested, it works fine!).

catid SQL injection exploit:
- target systems with text database are NOT vulnerable, mysql database IS vulnerable
- intended to reveal the login and the (encrypted password) for admin account,
  therefor I would suggest that you change your admin password (if your database is mysql)
Logged
Lance
Jr. Member
**
Offline Offline

Posts: 62



View Profile WWW
« Reply #3 on: May 10, 2006, 09:14:52 PM »
Well done, thank you for the update!
Logged
Drake CMS Project on SourceForge
Drake Forge
Drake CMS
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.2 | SMF © 2006-2007, Simple Machines LLC Valid XHTML 1.0! Valid CSS!