| VID |
210067 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The paFileDB program is vulnerable to an SQL injection vulnerability in the /includes/search.php script. paFileDB is a Web-based file download management program developed by PHP Arena that uses a MySQL database. paFileDB version 3.6 and earlier versions are vulnerable to an SQL injection vulnerability, caused by improper validation of user-supplied input passed to the 'categories[]' parameter of the 'includes/search.php' script. This vulnerability could permit a remote attacker to pass malicious input to database queries, potentially resulting in data exposure, modification of the query logic, or even data modification or attacks against the database itself.
* References:
http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064644.html
http://secunia.com/advisories/26078
http://www.milw0rm.com/exploits/4186
* Platforms Affected:
PHP Arena, paFileDB version 3.6 and possibly earlier versions
Any operating system Any version |
| Recommendation |
No upgrade or patch available as of June 2014.
As a workaround, edit the source code to ensure that input is properly sanitised. |
| Related URL |
CVE-2007-3808 (CVE) |
| Related URL |
24914 (SecurityFocus) |
| Related URL |
35412 (ISS) |
|
