Info

Disclosure

Oct 04, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

PHP-Fusion contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the photogallery.php script not properly sanitizing user-supplied input to the album or photo variables. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

Classification

Location: Remote / Network Access
Attack Type: Information Disclosure, Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Unknown
OSVDB: Web Related

Solution

Upgrade to version 6.00.110 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): enable "magic_quotes_gpc" or edit the source code.

Products

Nick Jones

PHP-Fusion

6.00.109

References

Secunia Advisory ID: 17048
CVE ID: 2005-3160 (see also: NVD) 2005-3162 (see also: NVD)
Vendor Specific Solution URL: http://www.php-fusion.co.uk/downloads.php?cat_id=3

Credit

mircia - Critical Security
JahMan - Critical Security
ld - Critical Security

Direct URL: http://osvdb.org/19841