From:             aboud dot deek at gmail dot com
Operating system: mac os
PHP version:      7.4.0RC1
Package:          Website problem
Bug Type:         Bug
Bug description:  Information Exposure Through an Error Message

Description:
------------
When the parameter (bug_type) is made an array, it will output an SQL error. Adding [] to most parameters in **bugs.php.net** will give us an SQL error.

PoC:
https://bugs.php.net/search.php?search_for%5B%5D=&boolean=0&limit=30&order_by=&direction=DESC&cmd=display&status=Open&bug_type=here reflect&project=All&php_os=&phpver=&cve_id=&assign%5B%5D=&author_email=&bug_age=0&bug_updated=0&commented_by=

https://bugs.php.net/search.php?limit=30&order_by=id&direction=DESC&cmd=display&status=Open&bug_type%5Bhereeeeeee%5D=All

Expected result:
----------------
Parameter (bug_type=) is reflected, and it is possible that the hacker can analyze the query and bypass the protection. If the hacker can bypass the filter or protection, there will be SQL injection and XSS.

https://cwe.mitre.org/data/definitions/209.html

--
Edit bug report at https://bugs.php.net/bug.php?id=78558&edit=1

--
PHP Webmaster List Mailing List (http://www.php.net/)
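
Added example (not part of the original report and not the bugs.php.net source): one way to handle the case described above, where a parameter such as bug_type arrives as an array and a database error reaches the response. The function names, table layout and sample rows are constructed for illustration, and an in-memory SQLite database via PDO is assumed.

```php
<?php
declare(strict_types=1);

// Added example. Function names, table layout and rows are constructed for
// illustration; this is not the bugs.php.net source.

// Return a request parameter only if it is a plain string. "bug_type[]=x" and
// "bug_type[key]=x" are parsed by PHP into arrays and fall back to the default.
function scalar_param(array $query, string $name, string $default = ''): string
{
    $value = $query[$name] ?? $default;
    return is_string($value) ? $value : $default;
}

// Run the search with a bound parameter. Driver errors go to the server log;
// the caller only ever sees a fixed, generic message (CWE-209).
function search_bugs(PDO $db, array $query): array
{
    $type = scalar_param($query, 'bug_type', 'All');
    try {
        $sql = 'SELECT id, summary FROM bugs';
        $args = [];
        if ($type !== 'All') {
            $sql .= ' WHERE bug_type = :type';
            $args[':type'] = $type;
        }
        $stmt = $db->prepare($sql);
        $stmt->execute($args);
        return ['ok' => true, 'type' => $type, 'rows' => $stmt->fetchAll(PDO::FETCH_ASSOC)];
    } catch (PDOException $e) {
        error_log('bug search failed: ' . $e->getMessage()); // detail stays server-side
        return ['ok' => false, 'type' => $type, 'error' => 'The search could not be completed.'];
    }
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE bugs (id INTEGER, bug_type TEXT, summary TEXT)");
$db->exec("INSERT INTO bugs VALUES (1, 'Bug', 'constructed row'), (2, 'Documentation Problem', 'constructed row')");

// Constructed query strings: scalar form, array form as in the report, then a forced DB failure.
foreach (['bug_type=Bug', 'bug_type%5Bhereeeeeee%5D=All', 'bug_type=Bug&drop=1'] as $qs) {
    parse_str($qs, $query);
    if (isset($query['drop'])) {
        $db->exec('DROP TABLE bugs'); // simulate a backend fault
    }
    $result = search_bugs($db, $query);
    // Escape anything reflected into HTML output.
    echo htmlspecialchars($result['type'], ENT_QUOTES, 'UTF-8'), ' => ',
        $result['ok'] ? count($result['rows']) . ' row(s)' : $result['error'], PHP_EOL;
}
```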
