RTH - Requirements and Testing Hub

Tracker: Bugs

9 SQL injection at the login - ID: 1908792

Last Update: Settings changed ( peter_thal )

Details:

The login code has sql injection which enables anyone to login with any
account which exists at the system. This can be exploited by typing for
example:
admin' OR 'a'='a

to the username. After this it doesn't matter what password you insert. The
sql is evaluated to the format:

SELECT user_id FROM user WHERE username = 'admin' OR 'a'='a' AND
user_password = 'MD5sum of your password'

The bug is at auth_verify_login -function.

Because the sql injection was found at this simple place, you should do
full security related inspection to the code.

My e-mail address is: teme7931@huitsinnevada.info

Submitted:

Nobody/Anonymous ( nobody ) - 2008-03-06 14:39

Priority:

Status:

Closed

Resolution:

None

Assigned:

Peter T.

Category:

Defects

Group:

None

Visibility:

Private

Comments ( 2 )

Date: 2008-07-10 07:24 Sender: peter_thal security update: disabled writing spaces or apostrophe and others into login textfields
Date: 2008-06-06 08:03 Sender: sca_gs thanks for the hint! we will check this!

Log in to comment.

Attached File

Changes ( 5 )

Field	Old Value	Date	By
status_id	Open	2008-07-10 07:24	peter_thal
close_date	-	2008-07-10 07:24	peter_thal
assigned_to	cryobean	2008-07-10 07:18	sca_gs
priority	5	2008-06-06 08:03	sca_gs
assigned_to	nobody	2008-06-06 07:25	sca_gs

RTH - Requirements and Testing Hub

Tracker: Bugs

Comments ( 2 )

Log in to comment.

Attached File

No Files Currently Attached

Changes ( 5 )

About SourceForge

Find Software

Develop Software

Community

Help