← Advisories

Pixelpost 1.7.3 Multiple POST Variables SQL Injection Vulnerability

High

Advisory ID

ZSL-2011-4992

Release Date

11 February 2011

Vendor

Pixelpost.org - http://www.pixelpost.org

Affected Version

1.7.3

CVE

CVE-2011-1100

Tested On

Microsoft Windows XP Professional SP3 (EN), Apache 2.2.14 (Win32), PHP 5.3.1, MySQL 5.1.41

Summary

Pixelpost is an open-source, standards-compliant, multi-lingual, fully extensible photoblog application for the web. Anyone who has web-space that meets the requirements can download and use Pixelpost for free!

Description

Pixelpost is vulnerable to an SQL Injection attack when input is passed to several POST parameters (findfid, id, selectfcat, selectfmon, selectftag). The script (admin/index.php) fails to properly sanitize the input before being returned to the user allowing the attacker to compromise the entire DB system and view sensitive information.

Proof of Concept

pixelpost_sql.txtTXT

Disclosure Timeline

N/A

Credits

Vulnerability discovered by Gjoko Krstic

References

[1]http://packetstormsecurity.org/files/98428

[2]http://www.exploit-db.com/exploits/16160

[3]http://securityreason.com/wlb_show/WLB-2011020049

[4]http://www.securityfocus.com/bid/46348

[5]https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1100

[6]https://nvd.nist.gov/vuln/detail/CVE-2011-1100

Changelog

11.02.2011Initial release

12.02.2011Added reference [1], [2] and [3]

14.02.2011Added reference [4]

25.10.2021Added reference [5] and [6]