
AContent 1.1 Multiple SQL Injection Vulnerabilities

Medium
Advisory ID: ZSL-2011-5031
Release Date: 06 August 2011
Vendor: ATutor (Inclusive Design Institute) - http://www.atutor.ca
Affected Version: 1.1 (build r296)
CVE: N/A
Tested On: Microsoft Windows XP Professional SP3 (EN), Apache 2.2.14 (Win32), PHP 5.3.1, MySQL 5.1.41
Summary

AContent is an open source learning content authoring system and repository used to create interoperable, accessible, adaptive Web-based learning content. It can be used along with learning management systems to develop, share, and archive learning materials.

Description

Input passed via multiple parameters in multiple scripts is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Proof of Concept
Disclosure Timeline
03.08.2011: Submitted vulnerability details to vendor's bug tracking system.
05.08.2011: No reaction from vendor.
06.08.2011: Public security advisory released.
23.09.2011: Vendor releases fix.
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
06.08.2011: Initial release
08.08.2011: Added reference [4] and [5]
09.08.2011: Added reference [6]
11.08.2011: Added reference [7]
12.08.2011: Added reference [8], [9], [10], [11], [12], [13], [14], [15], [16], [17], [18], [19], [20] and [21]
23.09.2011: Added vendor status