[原文]Multiple SQL injection vulnerabilities in Simple Document Management System (SDMS) 2.0-CVS and earlier allow remote attackers to execute arbitrary SQL commands via the (1) folder_id parameter in list.php and (2) mid parameter in a view action to messages.php.
Simple Document Management System (SDMS) list.php folder_id Parameter SQL Injection
Remote / Network Access
Loss of Confidentiality,
Loss of Integrity
SDMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the list.php script not properly sanitizing user-supplied input to the 'folder_id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.
Simple Document Management System Simple Document Management System 2.0 -CVS
Simple Document Management System (SDMS) is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org <mailto:email@example.com>.