[VIM] Re: Sql Injection in CJ Ultra Plus v1.0.3-1.0.4
Steven M. Christey
coley at linus.mitre.org
Wed May 25 12:31:22 EDT 2005
On Mon, 9 May 2005, security curmudgeon wrote:
> : #Sql Injection in CJ Ultra Plus v1.0.3-1.0.4(?) #
>
> Can you verify if this is the same "Cjultra" found at
> http://www.cjultra.com/ or something different?
I downloaded CJUltra 2.0.3 and 2.1. Both of them have an out.php file
with the following code snippet:
if ($perm) {
    $perm = addslashes($perm);
    $query = "select * from trade where a1 = '$perm'";
    $result = mysql_query($query);
    if(!$result) error_message(sql_error());
    // remainder of the block not quoted in the post
}
This isn't exactly the code from 1.0.3 as originally announced for the SQL
injection, but: (1) it's close enough, and (2) the $perm variable is now
cleansed, so the problem - if it existed - is now fixed.
- Steve
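Added example, not from the post and not CJUltra's own code: the out.php lookup quoted above written three ways (unescaped, with addslashes() as in the 2.x snippet, and as a mysqli prepared statement). The table and column names are those in the quoted snippet; the mysqli connection $db and the sample input are assumptions.

```php
<?php
// Added example (not CJUltra's code). Table `trade` and column `a1` come from the
// snippet quoted in the post; the mysqli connection $db is assumed.

// 1. Unescaped interpolation, the pattern an injectable 1.0.3 would have used:
//    a single quote inside $perm closes the string literal and whatever follows
//    is parsed as SQL.
function build_query_unescaped(string $perm): string {
    return "select * from trade where a1 = '$perm'";
}

// 2. The fix seen in 2.0.3/2.1: addslashes() backslash-escapes ' " \ and NUL,
//    so the value can no longer terminate the single-quoted literal.
//    Caveat: addslashes() knows nothing about the connection character set;
//    mysqli_real_escape_string() does, and a prepared statement needs neither.
function build_query_addslashes(string $perm): string {
    $perm = addslashes($perm);
    return "select * from trade where a1 = '$perm'";
}

// 3. The form a maintainer would write today: the SQL text and the value travel
//    separately, so $perm is never interpolated into the query at all.
function lookup_trade(mysqli $db, string $perm): array {
    $stmt = $db->prepare('select * from trade where a1 = ?');
    $stmt->bind_param('s', $perm);
    $stmt->execute();
    return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}

// Constructed input containing an apostrophe; compare the two query strings
// without a database: in the first the literal is closed early, in the second
// the apostrophe is escaped and the literal stays intact.
$sample = "o'neil";
echo build_query_unescaped($sample), "\n";
echo build_query_addslashes($sample), "\n";
```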