- 28 May 2008Advisories » vShare YouTube Clone "tid" Parameter Handling Remote SQL Injection Vulnerability
| Release Date: | 09/05/2008 | Severity: | Moderately Critical  |
| SecWatch Advisory: | SWID1021134 | Cause: | Input validation error |
| Solution Status: | Unpatched | Impact: | SQL Injection |
| Exploit Status: | PoC Available | Access Vector: | From remote |
| Affected Software: | vShare YouTube Clone 2.x | ||
| References: | http://milw0rm.com/exploits/5565 |
||
| Secunia: | SA30144 | ||
| Bugtraq ID: | BID#29114 | ||
Description:
An input validation vulnerability in vShare YouTube Clone has been reported, which can be exploited by remote users to conduct SQL injection attacks.
User-supplied input passed to the "tid" parameter in group_posts.php is not properly sanitised before being used in SQL queries. This can be exploited by a specially crafted parameter value to execute arbitrary SQL commands on the underlying database.
Affected:
vShare YouTube Clone version 2.6. Other versions may also be affected.
Proof of Concept:
SQL Injection:
http://[target]/group_posts.php?tid=[SQL]
Solution:
There was no vendor-supplied solution at the time of entry.
Edit source code manually to ensure user-supplied input is correctly sanitised.
Filter malicious characters and character sequences via a HTTP proxy or firewall with URL filtering capabilities.
Credits:
Saime
Free Vulnerability Notification Service
Receive free instant and customisable notifications of new vulnerabilities or exploits via e-mail, web or RSS feeds. Click here for more information.