AppSec Blog: Category - Spot the Vuln

Spot the Vuln - Wood - SQL injection

Details Affected Software: WordPress Core Fixed in Version: 2.2 Issue Type: SQL Injection Original Code: Found Here Description This is a fairly straight forward SQL Injection bug here. First, although we can't see exactly where $args[] is set, we have some strong clues that it contains user/attacker controlled data. For example, the first function on … Continue reading Spot the Vuln - Wood - SQL injection


Spot the Vuln - Wood

Remember, a chip on the shoulder is a sure sign of wood higher up. - Brigham Young Spot the Vuln uses code snippets from open source applications to demonstrate vulnerabilities in real world web applications. Every Monday morning a vulnerable code snippet is posted. Take a look at the vulnerable code and try to identify … Continue reading Spot the Vuln - Wood


Spot the Vuln - Vegetables - SQL Injection

Details Affected Software: Short URL Plugin Fixed in Version: Changeset 55280 Issue Type: SQL Injection Original Code: Found Here Description This weeks' vulnerabilities were a couple of SQL injection bugs in the Short URL Plugin for WordPress. The symptoms for the issues indicate classic SQL injection, let's have a quick look at the code. First, … Continue reading Spot the Vuln - Vegetables - SQL Injection


Spot the Vuln - Vegetables

People need trouble — a little frustration to sharpen the spirit on, toughen it. Artists do; I don't mean you need to live in a rat hole or gutter, but you have to learn fortitude, endurance. Only vegetables are happy. - William Faulkner Spot the Vuln uses code snippets from open source applications to demonstrate … Continue reading Spot the Vuln - Vegetables


Spot the Vuln - Sleep - SMTP Command Injection

Details Affected Software: PunBB Fixed in Version: 1.3.2 Issue Type: SMTP Command Injection Original Code: Found Here Description Interesting bug here. In 2008, Stefan Esser reported a bug to the PunBB team which described a SMTP command injection vulnerability. If we look at the code below, we see that PunBB opens a socket connection to … Continue reading Spot the Vuln - Sleep - SMTP Command Injection