[VIM] [OSVDB Mods] [Change Request] 21565: phpBB Blog index.php permalink Variable SQL Injection (fwd)
security curmudgeon
jericho at attrition.org
Fri Jan 13 08:37:04 EST 2006
---------- Forwarded message ----------
From: security curmudgeon <jericho at attrition.org>
To: Tony Boyd <tony at outshine.com>
Cc: moderators at osvdb.org
Date: Fri, 13 Jan 2006 08:36:52 -0500 (EST)
Subject: Re: [OSVDB Mods] [Change Request] 21565: phpBB Blog index.php permalink Variable SQL Injection
Hey Tony,
: No errors. See here:
:
: http://www.outshine.com/phpbbblog/demo/?permalink=302'
If I try:
http://www.outshine.com/phpbbblog/demo/?permalink
It gives me the following error:
General Error
Querying the database didn't work. Feeling helpful? Email the webmaster.
DEBUG MODE
SQL Error : 1064 You have an error in your SQL syntax. Check the manual
that corresponds to your MySQL server version for the right syntax to
use near 'AND topic_type=0 ORDER BY topic_time DESC LIMIT 1' at line 1
Notice the SQL error? While it didn't take a ' to cause it, that is no
doubt what the original discoverer saw that prompted them to make this
claim. So it appears that no input will cause the SQL error, but if you
actually try to pass any special characters, they are sanitized, as your
examples above show.
Would you agree?
Brian
OSVDB.org
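The two observations in this thread (an empty permalink triggers the "near 'AND topic_type=0 ...'" syntax error, while a trailing quote does not) modelled side by side with a hardened lookup, as an added example that is not the phpBB Blog code; the digits-only filter and the in-memory table are assumptions standing in for the real application.

```python
import re
import sqlite3


def make_db():
    # Constructed in-memory stand-in for the blog's topics table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE topics (topic_id INTEGER, topic_type INTEGER, "
               "topic_time INTEGER, topic_title TEXT)")
    db.execute("INSERT INTO topics VALUES (302, 0, 1000, 'demo post')")
    return db


def sanitize_permalink(raw):
    # Assumed filter: keep digits only. A quote is silently dropped,
    # but an empty value stays empty, which is what breaks the SQL.
    return re.sub(r"[^0-9]", "", raw)


def lookup_string_built(db, raw):
    """Query assembled by concatenation, the shape the list error implies."""
    value = sanitize_permalink(raw)
    sql = ("SELECT topic_title FROM topics WHERE topic_id=" + value +
           " AND topic_type=0 ORDER BY topic_time DESC LIMIT 1")
    try:
        row = db.execute(sql).fetchone()
        return ("ok", row[0] if row else None)
    except sqlite3.OperationalError as err:
        # Empty value -> "WHERE topic_id= AND ..." -> syntax error, not injection.
        return ("sql_error", str(err))


def lookup_parameterized(db, raw):
    """Hardened form: validate as an integer, then bind it as a parameter."""
    if not raw.isdigit():
        return ("rejected", None)
    row = db.execute(
        "SELECT topic_title FROM topics WHERE topic_id=? AND topic_type=0 "
        "ORDER BY topic_time DESC LIMIT 1", (int(raw),)).fetchone()
    return ("ok", row[0] if row else None)
```

A database error on an empty parameter is a robustness bug worth fixing, but on its own it is not evidence that attacker-controlled text reaches the query.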