rotelok / weblabyrinth

Automatically exported from code.google.com/p/weblabyrinth
0 stars 0 forks source link

SQL Injection #1

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
There are multiple SQL injections found within the labyrinth.inc.php file which 
can be exploited.

This is due to parameters being passed into SQL strings without being correctly 
sanitised, an example of which can be found at:

$this->crawler_info = $this->dbhandle->query("SELECT crawler_ip FROM crawlers 
WHERE crawler_ip='$ip' AND crawler_useragent='$useragent'");

Where if the browser User Agent is changed to something like:

RANDOM USER AGENT' UNION SELECT '1

then arbitrary SQL commands can be executed.

Original issue reported on code.google.com by email....@gmail.com on 4 May 2011 at 7:12

GoogleCodeExporter commented 9 years ago
Problem Verified. #epicfail

Original comment by b...@mayhemiclabs.com on 7 May 2011 at 8:08

GoogleCodeExporter commented 9 years ago
Banged out a quick fixed. Should be all set as of r14. Can you please check to 
make sure it works? Thanks!

Original comment by b...@mayhemiclabs.com on 7 May 2011 at 8:14