Critical: Moderately critical
Impact: Manipulation of data
Where: Remote
Solution Status: Vendor Patch
Some vulnerabilities have been reported in glFusion, which can be exploited by malicious people to conduct SQL injection attacks.
Input passed via the “order” and “direction” parameters to private/system/classes/listfactory.class.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The vulnerabilities are reported in version 1.1.2 and prior.
Apply patch.
http://www.glfusion.org/listfactory.class.zip
http://www.glfusion.org/article.php/security_20090329
This vulnerability has been fixed in glFusion v1.1.3 and later.
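The defensive pattern for this bug class, as an added example that is not glFusion's own code: the ORDER BY column and direction selected by the "order" and "direction" parameters cannot be bound as query parameters, so untrusted input is only used to pick an entry from an allowlist and never copied into the SQL text. The table, column names and function names below are constructed for illustration.

```python
import sqlite3

# Allowlist mapping the externally supplied "order" value to a real column.
# Column names here are constructed for this example, not glFusion's schema.
ALLOWED_ORDER = {"date": "created", "title": "title", "author": "author"}
ALLOWED_DIRECTION = {"asc": "ASC", "desc": "DESC"}
DEFAULT_ORDER, DEFAULT_DIRECTION = "date", "desc"


def order_clause(order, direction):
    """Return a safe 'ORDER BY <col> <dir>' fragment.

    Identifiers in ORDER BY cannot be parameterised, so the request values
    only select an allowlisted column/direction; anything outside the
    allowlist falls back to the defaults instead of reaching the query."""
    col = ALLOWED_ORDER.get(str(order).lower(), ALLOWED_ORDER[DEFAULT_ORDER])
    dire = ALLOWED_DIRECTION.get(str(direction).lower(),
                                 ALLOWED_DIRECTION[DEFAULT_DIRECTION])
    return f"ORDER BY {col} {dire}"


def list_items(conn, topic, order, direction):
    """Data values (topic) are bound parameters; ordering goes via the allowlist."""
    sql = "SELECT title FROM items WHERE topic = ? " + order_clause(order, direction)
    return [row[0] for row in conn.execute(sql, (topic,))]


def demo_connection():
    """Constructed sample data so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE items (title TEXT, author TEXT, topic TEXT, created TEXT)")
    conn.executemany(
        "INSERT INTO items VALUES (?, ?, ?, ?)",
        [("Beta", "bob", "news", "2009-03-02"),
         ("Alpha", "ann", "news", "2009-03-01"),
         ("Gamma", "cat", "other", "2009-03-03")],
    )
    return conn


if __name__ == "__main__":
    conn = demo_connection()
    print(list_items(conn, "news", "title", "asc"))        # ['Alpha', 'Beta']
    # Values outside the allowlist select the default ordering (created DESC).
    print(list_items(conn, "news", "not_a_column", "sideways"))  # ['Beta', 'Alpha']
```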
Nine:Situations:Group
No CVE references