High-Tech Bridge Security Research Lab discovered vulnerability in Dokeos version 2.2RC, which can be exploited to perform SQL Injection attacks.
SQL Injection in Dokeos 2.2RC: CVE-2013-6341
The vulnerability exists due to insufficient validation of "language" HTTP GET parameter passed to "/index.php" script. A remote unauthenticated attacker can execute arbitrary SQL commands in application's database and gain complete control over the vulnerable web application.
The following exploitation example displays version of MySQL server:
http://[host]/index.php?language=0%27%20UNION%20SELECT%201,2,3,4,version%28%29,6,7,8%20--%202
Solution: Unofficial patch was developed by High-Tech Bridge Security Research Lab and is available here: https://www.htbridge.com/advisory/HTB23181-patch.zip
References:
- High-Tech Bridge Advisory HTB23181 - SQL Injection in Dokeos.
- Dokeos - the flexible, enterprise-ready e-learning software.
No comments:
Post a Comment