Disclosure: SecretSanta SecretSanta.php Malformed Input Remote Path Disclosure Weakness

[This was originally published on OSVDB, now gone, and touched up for style. VulnDB 12143. Discovered while trying to install the script to verify a researcher’s findings.]

SecretSanta.php
Using a ‘ in the account name, full name or group name generates the following error with full install path:

Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result
resource in /export/home/httpd/html/wesmo.com/
secretsanta/secret_santa/lib/groups.php on line 12

After using names/words without that character, I still get this when I try to create account:

Warning: mysql_fetch_row(): supplied argument is not a valid MySQL result
resource in /export/home/httpd/html/wesmo.com/
secretsanta/secret_santa/lib/groups.php on line 12

Leave a Reply

%d bloggers like this: