Friday, February 8, 2008

advanced guestbook vulnerability

It's not a new vulnerability in "Advanced Guestbook",
but I am posting it here because no patch has been issued yet to fix it.

As per Bugtraq,
It has been reported that Advanced Guestbook is prone to a SQL injection vulnerability that could allow an attacker to gain administrative access to the application.

This issue is reported to exist in Advanced Guestbook 2.2, however, it is possible that other versions are affected as well.

The following proof of concept exploits have been provided:

JQ explains that it is possible to trigger this issue by leaving the username entry blank and entering the following string in the password field:

') OR ('a' = 'a

Spy Hat comments that it is also possible to leverage this issue by leaving the password field blank and entering the following string into the username field:

? or 1=1 --

For laymen:

In simple terms,
Advanced Guestbook v2.2 has an SQL injection problem which allows unauthorized access.
Proof of concept can be found by googling for "intitle:guestbook "advanced guestbook 2.2 powered"".

This Google query shows results for websites with "Advanced Guestbook v2.2" installed. An attacker can select any of the results and use this SQL injection to gain unauthorized access.

It is strongly recommended to change the name/location of www.example.com/guestbook/admin.php.
Also, this vulnerability is reportedly fixed in version 2.3.1.
Update your version immediately if you are still running the old version.
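
Why the password-field string quoted above gets past a login check, and how a parameterized query stops it, shown as an added example that is not from the original post or from Advanced Guestbook's code. The table name, the sample row and the query shape (a password compared through a SQL-side `PASSWORD()` call) are assumptions, and SQLite in Python stands in for the real application.

```python
import hashlib
import sqlite3


def hash_password(value):
    # Stand-in for a SQL-side password hashing function (assumed query shape).
    return hashlib.sha256(value.encode()).hexdigest()


def make_db():
    # Constructed sample data: one admin row in a hypothetical auth table.
    db = sqlite3.connect(":memory:")
    db.create_function("PASSWORD", 1, hash_password)
    db.execute("CREATE TABLE auth (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    db.execute("INSERT INTO auth (username, password) VALUES (?, ?)",
               ("admin", hash_password("correct horse")))
    return db


def login_vulnerable(db, username, password):
    # Input is pasted into the SQL text, so quotes inside it become SQL syntax.
    sql = ("SELECT id FROM auth WHERE username='%s' AND password=PASSWORD('%s')"
           % (username, password))
    return db.execute(sql).fetchone() is not None


def login_parameterized(db, username, password):
    # Placeholders keep input as data; it cannot change the query structure.
    sql = "SELECT id FROM auth WHERE username=? AND password=PASSWORD(?)"
    return db.execute(sql, (username, password)).fetchone() is not None


if __name__ == "__main__":
    db = make_db()
    payload = "') OR ('a' = 'a"  # the string quoted in the post
    # Concatenated query becomes:
    #   ... username='' AND password=PASSWORD('') OR ('a' = 'a')
    # AND binds tighter than OR, so the WHERE clause is true for every row.
    print("vulnerable, blank user + payload:   ", login_vulnerable(db, "", payload))
    print("parameterized, blank user + payload:", login_parameterized(db, "", payload))
    print("parameterized, valid credentials:   ",
          login_parameterized(db, "admin", "correct horse"))
```
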
