Meditate Web Content Editor ‘username_input’ – SQL Injection

  • Author: Stefan Schurtz
    Date: 2011-12-05
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/18202/
  • Advisory: Meditate Web Content Editor 'username_input' SQL-Injection vulnerability
    Advisory ID: SSCHADV2011-039
    Author: Stefan Schurtz
    Affected Software: Successfully tested on Meditate 1.2
    Vendor URL: http://www.arlomedia.com/
    Vendor Status: fixed
    
    ==========================
    Vulnerability Description
    ==========================
    
    Meditate Web Content Editor is prone to a SQL-Injection vulnerability in the 'username_input' parameter of the login form.
    
    ==================
    PoC-Exploit
    ==================
    
    http://<target>/meditate_2.0/index.php?page=login_submit -> POST parameter 'username_input=[sql-injection]'
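
As an added illustration of the bug class (not Meditate's code, which this advisory does not reproduce), a minimal login lookup in Python with sqlite3: the concatenated query mirrors the unsafe pattern that lets a value such as 'username_input' alter the SQL statement, while the parameterized version binds the submitted value purely as data. The table, column names and sample rows are constructed for this example.

```python
import sqlite3

# Constructed sample users table; schema and rows are assumptions for this
# example, not taken from Meditate. A real application would store hashes.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, pw_hash TEXT)")
    conn.executemany("INSERT INTO users (username, pw_hash) VALUES (?, ?)",
                     [("alice", "h1"), ("o'brien", "h2")])
    return conn

def lookup_unsafe(conn, username_input):
    # Unsafe: the submitted value is spliced into the SQL text, so a quote
    # in it changes the statement's structure instead of staying data.
    sql = "SELECT id, username FROM users WHERE username = '" + username_input + "'"
    return conn.execute(sql).fetchone()

def lookup_safe(conn, username_input):
    # Safe: the SQL text is fixed and the value is bound as a parameter.
    sql = "SELECT id, username FROM users WHERE username = ?"
    return conn.execute(sql, (username_input,)).fetchone()

def demo():
    # A username containing a single quote is legitimate input; the bound
    # query handles it, the concatenated one breaks (the tell-tale symptom).
    conn = make_db()
    results = {
        "safe_alice": lookup_safe(conn, "alice"),
        "safe_quote": lookup_safe(conn, "o'brien"),
        "safe_missing": lookup_safe(conn, "mallory"),
    }
    try:
        lookup_unsafe(conn, "o'brien")
        results["unsafe_quote"] = "ok"
    except sqlite3.OperationalError:
        results["unsafe_quote"] = "error"
    return results

if __name__ == "__main__":
    print(demo())
```

A database error on an apostrophe in a login field is the same defect a reviewer should treat as an injection point, not as a cosmetic bug.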
    
    =========
    Solution
    =========
    
    Upgrade to version 1.2.1
    
    ====================
    Disclosure Timeline
    ====================
    
    30-Nov-2011 - Secunia SVCRP (vuln@secunia.com)
    02-Dec-2011 - fixed by vendor
    05-Dec-2011 - release date of this security advisory
    05-Dec-2011 - post on BugTraq
    
    ========
    Credits
    ========
    
    Vulnerability found and advisory written by Stefan Schurtz.
    
    ===========
    References
    ===========
    
    http://www.arlomedia.com/software/meditate/meditate/docs/release_notes.html
    http://www.rul3z.de/advisories/SSCHADV2011-039.txt
    http://secunia.com/advisories/47010/