AOH :: HP Unsorted E :: BT-21707.HTM

Engeman - SQL Injection Vulnerability (vendor url erratum)



Engeman - SQL Injection Vulnerability (vendor url erratum)
Engeman - SQL Injection Vulnerability (vendor url erratum)



Engeman is a Brasilian software for maintenance control.

Version tested: 6.x.x and prior. Next versions appears vulnerable too.

The attacker can inject sql codes in username  textbox:

SQL dump affter injection:

select nome,senha,diasexp,dataltsen,permitetroca from cfgusr where nome='NULL' OR NOME<>'1'

select nomegrupo from cfgusr where ignoragrupo='N' and nome='NULL' OR NOME='1'

In firebird the attack have a low impact, but in SQL Server may compromisse the server.

**** The version tested is a made in DELPH language, NOT is a Web Software! ****

Vendor site: www.engeman.com.br.

Plase, give the credits to: Crash and _Sl0t_ - DcLabs

Trank=B4s.

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.