enVivo!CMS username and password parameters SQL injection

envivo-username-password-sql-injection (20313) The risk level is classified as Medium Risk

Description:

enVivo!CMS is vulnerable to SQL injection through the username and password parameters of the admin_login.asp script and the searchstring parameter of the default.asp script. A remote attacker could send a specially crafted SQL statement in these parameters, which would allow the attacker to add, modify or delete data in the backend database.

Platforms Affected:

  • enVivo!soft, enVivo!CMS
  • Microsoft, Windows 2003 Server

Remedy:

No remedy available as of June 27, 2009.

Consequences:

Data Manipulation

References:

  • enVivo!CMS Quick Start Guide, Introduction at http://www.envivosoft.com/media/pdf/EnVivo!CMS_Quick_Start_Guide.pdf.
  • enVivo!CMS Web page, About enVivo!CMS Classic at http://www.envivosoft.com/default.asp?action=article&ID=13.
  • BID-13437: EnViVo!CMS Admin_Login.ASP Username Parameter SQL Injection Vulnerability
  • BID-13439: EnViVo!CMS Admin_Login.ASP Password Parameter SQL Injection Vulnerability
  • BID-13440: EnViVo!CMS Default.ASP SearchString Parameter SQL Injection Vulnerability
  • BID-24860: EnViVo!CMS Default.ASP ID Parameter SQL Injection Vulnerability
  • CVE-2005-1413: Multiple SQL injection vulnerabilities in enVivo!CMS allow remote attackers to execute arbitrary SQL commands and gain privileges via the (1) username or (2) password parameters to admin_login.asp, or the (3) searchstring and possibly (4) ID parameters to default.asp.
  • OSVDB ID: 15964: enVivo!CMS admin_login.asp Cookie Manipulation Authentication Bypass
  • OSVDB ID: 15965: enVivo!CMS admin_login.asp Username Field SQL Injection
  • OSVDB ID: 15966: enVivo!CMS default.asp Multiple Variable SQL Injection
  • SA15173: enVivo!CMS SQL Injection Vulnerabilities
  • SECTRACK ID: 1013843: enVivo!CMS Input Validation Flaw Lets Remote Users Inject SQL Commands and Gain Administrative Privileges

Reported:

Apr 29, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
