Subdreamer multiple scripts SQL injection

subdreamer-multiple-sql-injection (22918) The risk level is classified as MediumMedium Risk

Description:

Subdreamer is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to multiple scripts which could allow the attacker to add, modify, or delete data from the database.

Note: It is also possible to exploit this vulnerability and gain access to the administration section and possibly upload arbitrary PHP files using the Image Manager panel.


Consequences:

Data Manipulation

Remedy:

Upgrade to the latest version of Subdreamer (2.4.3 or later), available from the Subdreamer CMS Web site. See References.

References:

  • RST/GHC Advisory#35: Subdreamer SQL injection. (This advisory is mostly in Russian - Exploit code is in English.)
  • Subdreamer Web site: Welcome to Subdreamer!.
  • BID-15238: Subdreamer Multiple Remote SQL Injection Vulnerabilities
  • CVE-2005-3423: Multiple SQL injection vulnerabilities in Subdreamer 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1) the loginusername parameter or (2) cookies to (a) subdreamer.php, (b) ipb2.php, (c) phpbb2.php, (d) vbulletin2.php, and (e) vbulletin3.php.
  • OSVDB ID: 20378: Subdreamer subdreamer.php login Variable SQL Injection
  • OSVDB ID: 20379: Subdreamer ipb2.php login Variable SQL Injection
  • OSVDB ID: 20380: Subdreamer phpbb2.php login Variable SQL Injection
  • OSVDB ID: 20381: Subdreamer vbulletin2.php login Variable SQL Injection
  • OSVDB ID: 20382: Subdreamer vbulletin3.php login Variable SQL Injection
  • OSVDB ID: 20384: Subdreamer Multiple Script Cookie Content SQL Injection
  • SA17378: Subdreamer Login SQL Injection Vulnerabilities

Platforms Affected:

  • Subdreamer Subdreamer CMS 2.2.1

Reported:

Oct 31, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page