Pro Publish multiple scripts SQL injection

propublish-multiple-sql-injection (26148) The risk level is classified as MediumMedium Risk

Description:

Pro Publish is vulnerable to SQL injection. If magic_quotes_gpc is disabled, a remote attacker could send specially-crafted SQL statements to the admin/login.php, cat.php, search.php or art.php script using the 'email', 'password', 'catid', 'find_str', or 'artid' parameter, which could allow the attacker to bypass user authentication and possibly add, modify, or delete information in the back-end database.


Consequences:

Bypass Security

Remedy:

No remedy available as of July 9, 2011.

References:

  • BugTraq Mailing List, Fri Jun 02 2006 - 12:25:40 CDT : Pro Publish SQL Injection and XSS Vulnerabilities.
  • Delta Scripts Download Web page: PHP Pro Publish.
  • eVuln Advisory EV0130: Pro Publish SQL Injection and PHP Code Insertion Vulnerabilities.
  • BID-17762: DeltaScripts PHP Pro Publish Multiple SQL Injection Vulnerabilities
  • CVE-2006-2128: Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameter to (a) admin/login.php, (3) find_str parameter to (b) search.php, or (4) artid parameter to (c) art.php, or (5) catid parameter to (d) cat.php.
  • OSVDB ID: 25124: PHP Pro Publish admin/login.php Multiple Variable SQL Injection
  • OSVDB ID: 25125: PHP Pro Publish cat.php catid Variable SQL Injection
  • OSVDB ID: 25126: PHP Pro Publish search.php find_str Variable SQL Injection
  • OSVDB ID: 25127: PHP Pro Publish art.php artid Variable SQL Injection
  • SA19882: PHP Pro Publish SQL Injection Vulnerabilities
  • VUPEN/ADV-2006-1578: PHP Pro Publish Multiple Parameter Handling Remote SQL Injection Vulnerabilities

Platforms Affected:

  • DeltaScripts Pro Publish 2.0

Reported:

Apr 30, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page