| VID |
21411 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The PHPNews has an SQL Injection Vulnerability in the sendtofriend.php script.
PhpNews is a freely available PHP-based news content manager that uses a MySQL backend database. PHPNews 1.2.3 and prior versions are vulnerable to a SQL Injection attack, caused by a failure of the application to properly sanitize user-supplied input prior to utilizing it in an SQL query. By supplying malicious SQL commands in the 'mid' variable in the 'sendtofriend.php' module, a remote attacker could obtain sensitive information and add, modify or delete information in the backend database.
* References:
http://www.osvdb.org/displayvuln.php?osvdb_id=12119
http://secunia.com/advisories/13300/
* Platforms Affected:
PHPNews 1.2.3 and prior
Microsoft Windows Any version
Linux Any version
Unix Any version |
| Recommendation |
Upgrade to the latest version of PHPNews (1.2.4 or later), available from the PHPNews Web site at http://sourceforge.net/projects/newsphp/ |
| Related URL |
CVE-2004-2474 (CVE) |
| Related URL |
11748 (SecurityFocus) |
| Related URL |
18233 (ISS) |
|
