[VIM] MaxTrade - vendor ack and second bug?

security curmudgeon jericho at attrition.org
Tue Jun 27 17:44:30 EDT 2006


Amusing comment left on the OSVDB 25122 entry:

Comment from Avalon Ltd. (83.228.39.7):
SOLUTION: Sanitised 3 files so they can not be exploited to manipulate SQL 
queries by injecting arbitrary SQL code. Upgrade to MAXTrade v1.0.3 
STATUS: Fixed
BUG 002: Sanitized search.php so it can not be exploited to manipulate SQL 
queries by injecting arbitrary SQL code SOLUTION: Upgrade to MAXTrade 
v1.0.2 STATUS: Fixed This site www.osvdb.org sucks !!!!! VERY OLD UP TO 
DATE DATA !!!!


The vendor URL is http://softdivision.com/, which is different from the 
original pridels link. Looking at the 'bug tracker' link we see the 
r0t-disclosed issue, but it also mentions a search.php SQL injection, 
which apparently was not disclosed by r0t.

http://softdivision.com/info.php?info=83&stranica=menu

     * BUG 001:

Vuln. discovered by:
r0t http://pridels.blogspot.com/2006/04/MAX-Trade-sql-inj.html
Date: 30 April 2006
vendor link: http://www.softdivision.com/info.php?info=83&stranica=menu
affected versions: 1.0.1 and prior
###############################################
Vuln. Description:
MAX-Trade contains a flaw that allows remote SQL injection attacks. Input 
passed to the "categori" and "stranica" parameters in "pocategories.php" 
isn't properly sanitized before being used in a SQL query. This can be 
exploited to manipulate SQL queries by injecting arbitrary SQL code.

examples:
/pocategories.php?stranica=categories&categori=[SQL]
/pocategories.php?stranica=[SQL]

SOLUTION:
Sanitised 3 files so they can not be exploited to manipulate SQL queries by
injecting arbitrary SQL code. Upgrade to "MAX-Trade" v1.0.3

STATUS: Fixed

-------------------------------------------------------------------------------

     * BUG 002:

Sanitized search.php so it can not be exploited to manipulate SQL
queries by injecting arbitrary SQL code

SOLUTION:
Upgrade to "MAX-Trade" v1.0.2

STATUS: Fixed

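Added illustration, not from the post, the vendor tracker, or the MAXTrade code: the bug class above is an untrusted GET parameter concatenated into a query string. The Python/sqlite3 snippet below is a stand-in for the PHP; the table, column names, rows, and the two helper functions are all my assumptions. It shows the concatenated lookup being manipulated by a `' OR 1=1 --` value in "categori", the same lookup bound as a parameter, and an allowlist for a selector parameter like "stranica", which picks a page rather than a data value and so should never reach the query at all.

```python
import sqlite3

# Constructed sample schema and rows (assumption; not MAXTrade's real schema).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE categories (id INTEGER, name TEXT, visible INTEGER)")
    conn.executemany(
        "INSERT INTO categories VALUES (?, ?, ?)",
        [(1, "electronics", 1), (2, "books", 1), (3, "hidden-admin", 0)],
    )
    return conn


def vulnerable_lookup(conn, categori):
    # Mirrors the flaw described for pocategories.php: the request parameter
    # is spliced straight into the SQL text, so quotes in the value change
    # the query structure (the visible = 1 filter is commented away).
    sql = "SELECT id, name FROM categories WHERE name = '%s' AND visible = 1" % categori
    return conn.execute(sql).fetchall()


def safe_lookup(conn, categori):
    # Hardened form: the value is bound as a parameter, so the payload is
    # compared literally against the name column and matches nothing.
    sql = "SELECT id, name FROM categories WHERE name = ? AND visible = 1"
    return conn.execute(sql, (categori,)).fetchall()


# Hypothetical set of page names the application actually serves.
ALLOWED_PAGES = {"categories", "menu", "products"}


def select_page(stranica):
    # A page selector is structural, not data: validate against an allowlist
    # and reject anything else instead of trying to "sanitise" it.
    return stranica if stranica in ALLOWED_PAGES else None


if __name__ == "__main__":
    db = make_db()
    payload = "' OR 1=1 --"
    print("vulnerable:", vulnerable_lookup(db, payload))  # every row, hidden one included
    print("safe:      ", safe_lookup(db, payload))        # no rows
    print("page:      ", select_page("categories"), select_page(payload))
```

The check a practitioner would run against a patched 1.0.3 install is the same payload in both parameters; a fix that merely strips a few characters (the vendor's "sanitised" wording) can still be bypassed with different quoting, whereas a bound parameter or an allowlist cannot.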
