Hi,
I was doing a Nessus scan on the windows server on which XAMPP is installed. The scanning revealed the following security holes. I wanted to know what is the solution to these holes:
1.
The following URLs seem to be vulnerable to BLIND SQL injection
techniques :
/xampp/getexcel.php?value=char(0x27)/**/AND/**/char(0x27)achar(0x27)>char(0x27)b
An attacker may exploit this flaws to bypass authentication
or to take the control of the remote database.
Solution : Modify the relevant CGIs so that they properly escape arguments
Risk factor : High
See also : http://www.securitydocs.com/library/2651
2.
The following URLs seem to be vulnerable to BLIND SQL injection
techniques :
/xampp/phonebook.php?phone=&id=3+AND+1=1&firstname=&action=del&lastname=&source=in
/xampp/phonebook.php?phone=&id=3/**/AND/**/1=1&firstname=&action=del&lastname=&source=in
An attacker may exploit this flaws to bypass authentication
or to take the control of the remote database.
Solution : Modify the relevant CGIs so that they properly escape arguments
Risk factor : High
See also : http://www.securitydocs.com/library/2651