Title: WWWThreads SQL Command Input Vulnerability
Severity: MODERATE
Description:
WWWThreads is a web bulletin board program that uses an SQL backend. Due to incomplete input validation, it is possible for an attacker to submit SQL commands through forms and manipulate the contents of the database to gain administrator privileges over the database.
There are various ways for a program to ensure that all entries into data fields are interpreted as data and not SQL commands. WWWThreads uses the quote() function to do this on string values, but fails to verify numeric values in a similar manner. Therefore, SQL commands can be passed to WWWThreads via any numeric argument. These commands can be used to update the status of any user to Administrator and change their security level to '100' (the same level as the Administrator).
Affected Products:
- Wired Community Software WWWThreads 5.0.0
References:
- Wired Community Software: WWWThread Support Forum Post
- Wired Community Software: WWWThreads Home Page
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
