Enigma Haber multiple SQL injection
enigmahaber-multiple-sql-injection (26837)
Description:
Enigma Haber is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to multiple scripts using various parameters, which could allow the attacker to view, add, modify, or delete information in the back-end database.
The following scripts are affected by this vulnerability:
- /enigmadir/e_mesaj_yaz.asp
- /enigmadir/yazdir.asp
- /enigmadir/yorum.asp
- /enigmadir/edi_haber.asp
- /enigmadir/ara.asp
- /enigmadir/arsiv.asp
- /enigmadir/haber_devam.asp
- /enigmadir/admin/y_admin.asp
- /enigmadir/admin/reklam_detay.asp
- /enigmadir/admin/detay_yorum.asp
- /enigmadir/admin/haber_sil.asp
- /enigmadir/admin/kategori_d.asp
- /enigmadir/admin/haber_ekle.asp
- /enigmadir/admin/e_mesaj_yaz.asp
- /enigmadir/admin/admin_sil.asp
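The fault pattern behind this class of finding (a request parameter such as `id` pasted into the text of a SQL statement) shown beside the parameterized form that removes it, as an added illustration in Python against an in-memory SQLite table. This is not code from Enigma Haber, whose classic ASP sources are not on this page; the table name `haber`, its columns, the function names and the sample rows are all constructed for the example.

```python
import sqlite3

# Constructed sample data standing in for a news table; not the project's schema.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE haber (id INTEGER PRIMARY KEY, baslik TEXT)")
    conn.executemany(
        "INSERT INTO haber VALUES (?, ?)",
        [(1, "first"), (2, "second"), (3, "third")],
    )
    return conn


def fetch_news_concat(conn, raw_id):
    """Vulnerable pattern (hypothetical): the raw request parameter becomes part
    of the SQL text, so whatever the client sends is handed to the SQL parser."""
    sql = "SELECT id, baslik FROM haber WHERE id = " + raw_id
    return conn.execute(sql).fetchall()


def fetch_news_param(conn, raw_id):
    """Hardened form: enforce the expected type, then bind the value so the
    driver passes it as data. Returns None for input that is not an integer;
    at the web layer that would be a 400 response rather than a query."""
    try:
        news_id = int(raw_id)
    except ValueError:
        return None
    return conn.execute(
        "SELECT id, baslik FROM haber WHERE id = ?", (news_id,)
    ).fetchall()


def input_reaches_parser(fetch, raw_id):
    """True if the backend SQL parser rejected the statement, i.e. request data
    was interpreted as part of the statement instead of as a value. A stray
    quote in the parameter is enough to tell the two implementations apart."""
    try:
        fetch(make_db(), raw_id)
    except sqlite3.OperationalError:
        return True
    return False


if __name__ == "__main__":
    print("concat, id=2      ->", fetch_news_concat(make_db(), "2"))
    print("concat, id=2'     -> parser error:", input_reaches_parser(fetch_news_concat, "2'"))
    print("param,  id=2      ->", fetch_news_param(make_db(), "2"))
    print("param,  id=2'     -> parser error:", input_reaches_parser(fetch_news_param, "2'"))
```

The same fix applies to every parameter the advisory lists, including the admin-only scripts: requiring administrator credentials narrows who can reach the query but does not change how the query is built, so type validation plus parameter binding is the remedy for both sets of scripts.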
Platforms Affected:
- EnigmaASP.Net, Enigma Haber 4.3 and prior
Remedy:
No remedy available as of January 3, 2009.
Consequences:
Data Manipulation
References:
- BugTraq Mailing List, Sun May 28 2006 - 08:58:56 CDT, Advisory: Enigma Haber <= 4.3 Multiple Remote SQL Injection Vulnerabilities at http://archives.neohapsis.com/archives/bugtraq/2006-05/0638.html.
- Enigma Haber Web site, EnigmaASP.Net at http://www.enigmaasp.net/.
- BID-18148: Enigma Haber Multiple SQL Injection Vulnerabilities
- CVE-2006-2731: Multiple SQL injection vulnerabilities in Enigma Haber 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) e_mesaj_yas.asp, (b) edi_haber.asp, and (c) haber_devam.asp; (2) hid parameter in (d) yazdir.asp and (e) yorum.asp, and the (3) e parameter in (f) arsiv.asp. NOTE: with administrator credentials, additional vectors exist including (4) yid parameter to (g) admin/y_admin.asp, (5) bid parameter to (h) admin/reklam_detay.asp, hid parameter to (i) admin/detay_yorum.asp and (j) admin/haber_sil.asp, (6) kid parameter to (k) admin/kategori_d.asp, (7) tur parameter to (l) admin/haber_ekle.asp, (8) s parameter to (m) admin/e_mesaj_yaz.asp, and id parameter to (n) admin/admin_sil.asp.
- OSVDB ID: 26106: Enigma Haber e_mesaj_yas.asp id Variable SQL Injection
- OSVDB ID: 26107: Enigma Haber edi_haber.asp id Variable SQL Injection
- OSVDB ID: 26108: Enigma Haber haber_devam.asp id Variable SQL Injection
- OSVDB ID: 26109: Enigma Haber yazdir.asp hid Variable SQL Injection
- OSVDB ID: 26110: Enigma Haber yorum.asp hid Variable SQL Injection
- OSVDB ID: 26111: Enigma Haber arsiv.asp e Variable SQL Injection
- OSVDB ID: 26112: Enigma Haber admin/y_admin.asp yid Variable SQL Injection
- OSVDB ID: 26113: Enigma Haber admin/reklam_detay.asp bid Variable SQL Injection
- OSVDB ID: 26114: Enigma Haber admin/detay_yorum.asp hid Variable SQL Injection
- OSVDB ID: 26115: Enigma Haber admin/haber_sil.asp hid Variable SQL Injection
- OSVDB ID: 26116: Enigma Haber admin/kategori_d.asp kid Variable SQL Injection
- OSVDB ID: 26117: Enigma Haber admin/haber_ekle.asp tur Variable SQL Injection
- OSVDB ID: 26118: Enigma Haber admin/e_mesaj_yaz.asp s Variable SQL Injection
- OSVDB ID: 26119: Enigma Haber admin/admin_sil.asp id Variable SQL Injection
- SA20357: Enigma Haber Multiple SQL Injection Vulnerabilities
- SECTRACK ID: 1016171: Enigma Haber Multiple Input Validation Holes Let Remote Users Inject SQL Commands
- VUPEN/ADV-2006-2032: Enigma Haber Multiple Parameter Handling Remote SQL Injection Vulnerabilities
Reported:
May 28, 2006
Copyright (c) 1994-2009 Internet Security Systems, Inc. All rights reserved worldwide.
