Release date:
Updated on: 2012-10-07
Affected Systems:
Timesheet Next Gen 1.5.2
Description:
--------------------------------------------------------------------------------
Bugtraq id: 52270
Cve id: CVE-2012-2105
Timesheet Next Gen is the work hour table software.
Timesheet Next Gen 1.5.2 and other versions have multiple SQL injection vulnerabilities. the input of parameter passing in php is not properly filtered, and is used in SQL queries. After successful exploitation, attackers can inject arbitrary SQL code to control the application and access or modify data, or use other vulnerabilities in the lower-level database. You must disable "magic_quotes_gpc" for successful exploitation ".
<* Source: G13
Link: http://www.exploit-db.com/exploits/18554/
*>
Test method:
--------------------------------------------------------------------------------
Alert
The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!
Http://www.example.com/timesheet/
POST/timesheet/login. php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv: 10.0.2)
Gecko/ 20100101 Firefox/10.0.2
Accept: text/html, application/xhtml + xml, application/xml; q = 0.9, */*; q = 0.8
Accept-Language: en-us, en; q = 0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http: // localhost/timesheet/login. php
Cookie: PHPSESSID = 3b624f789e37fa3bdade432da
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Redirect = & amp; username = [SQLi] & amp; password = [SQLi] & amp; Login = submit
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Timesheet Next Gen
------------------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Https://www.sourceforge.net/projects/tsheetx/