Articles with tag: Referer
POSTED BY:
Dimitrios Glynos
/
03.10.2011
Netvolution referer header SQL injection vulnerability
CENSUS ID: | CENSUS-2011-0001 |
CVE ID: | CVE-2011-3340 |
Affected Products: | Netvolution v2.5.8 (ASP). Other versions may also be vulnerable. |
Class: | Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) (CWE-89) |
Remote: | Yes |
Discovered by: | Patroklos Argyroudis |
Researched and Exploited by: | Dimitris Glynos |
Netvolution v2.5.8 is vulnerable to a blind SQL injection attack in the HTTP “referer” header. A malicious user may utilize this vulnerability to modify content on the vulnerable website, inject malicious javascript code to a visitor’s browser, collect CMS usernames and plaintext passwords and, in some cases, execute commands on the system hosting the database server. This is a critical vulnerability since it does not require authentication and its exploitation may go undetected.