[VIM] possible rediscovery - Pay Roll Time Sheet & Punch Card SQL injection
Steven M. Christey
coley at linus.mitre.org
Thu Nov 4 11:53:39 CDT 2010
Refs:
EXPLOIT-DB:15396
BID:44609
SECUNIA:42096
The "Password" parameter to login.asp, as stated in SECUNIA:42096, appears
to be the same vector as CVE-2007-4106, whose references are:
BID:25114
SECUNIA:26275
CVE-2007-4106 uses "CodeWidgets" as the vendor name (more like the web
site name), and the current discovery uses Comrie Software (which appears
to be the appropriate vendor name).
These aren't exactly the same, though, since SECUNIA:42096 mentions an
EmployeeNumber parameter, which is not covered by Aria-Security in
CVE-2007-4106, and not explicitly stated by L0rd CrusAd3r in
EXPLOIT-DB:15396. In addition, the older SECUNIA:26275 does not
specifically mention POST for the Password parameter, where the newer
SECUNIA:42096 does.
- Steve