PT-2009-4575 · Elvin · Elvin
Sirgod
·
Published
2009-06-19
·
Updated
2017-09-29
·
CVE-2009-2123
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Elvin versions 1.2.0 through 1.2.2
Description
The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the
inUser (aka Username) and inPass (aka Password) parameters to "inc/login.ei", which is reachable through "login.php", and the id parameter to "show bug.php" and "show activity.php".Recommendations
For Elvin version 1.2.0, consider disabling the login functionality until a patch is available.
For Elvin version 1.2.2, restrict access to the "show bug.php" and "show activity.php" pages to minimize the risk of exploitation.
Avoid using the
inUser and inPass parameters in the "inc/login.ei" endpoint, and the id parameter in the "show bug.php" and "show activity.php" endpoints, until the issue is resolved.Exploit
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Elvin