Source: Bug. Center. Team
Affected Versions:
WoDig 4.1.2
Program introduction:
WODIG is a well-designed Chinese DIGG Community open source program. It is the best solution for DIGG community programs in the Windows NT service environment.
Vulnerability Analysis:
In the wodig. asp file:
Tags_name = Request ("tags_name") // 13th rows
......
<% Call Default. Get_MainContent ("wodig. asp") %> // row 105th
The Get_MainContent process is in the file/WoLib/Cls_Class.asp:
Public Sub Get_MainPP (pageurl) // row 827th
......
If tags_name <> "" then // row 839th
SQL = SQL & "and Src_ID in (Select SrcTag_SrcID From wo_SrcTags Where SrcTag_Name =" & tags_name &")"
End if
The program does not filter the tags_name variable in the SQL statement, leading to the injection vulnerability.
Vulnerability exploitation:
Http://www.target.com/wodig.asp? Tags_name =
Solution:
Vendor patch
WoDig
------------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.wodig.com/