[sec-adv] Greymatter PHP Injection Vulnerability
From: Secunia Security Advisories (sec-adv@secunia.com)
Date: Tue Jul 08 2003 - 07:00:58 CDT
TITLE:
Greymatter PHP Injection Vulnerability
READ ONLINE:
http://www.secunia.com/advisories/9189/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
Greymatter 1.x
DESCRIPTION:
Greymatter version 1.21d was previously released to fix a
vulnerability that could be exploited by malicious people to execute
arbitrary PHP code on a vulnerable system. However, it has been
reported that this vulnerability has not been fixed properly.
The vulnerability is caused by an input validation error in the
comments system. Greymatter now checks for the tags "<?" and "?>",
but neglects to check for "<script language="php">" or "<%". It is
therefore still possible to inject arbitrary PHP code in various
fields.
SOLUTION:
Edit the source code to filter malicious characters properly, or use
another product.
REPORTED BY / CREDITS:
Originally discovered by: Naz
Discovered in latest version by: FraMe
ORIGINAL ADVISORY:
http://foshdawg.net/forums/viewtopic.php?t=5055
----------------------------------------------------------------------
Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : support@secunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419
----------------------------------------------------------------------
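
Added example, not part of the Secunia advisory and not Greymatter's code: a Python model of the tag check described under DESCRIPTION, run against the opening forms the advisory names, beside an entity-encoding filter of the kind the SOLUTION calls for. The function names, the way the blacklist is modelled, and the sample comments are assumptions constructed for illustration.

```python
import html

# Tag forms the advisory says Greymatter now checks for.
BLACKLIST = ("<?", "?>")
# Every PHP code-opening form named in the advisory.
PHP_OPENERS = ("<?", "<%", '<script language="php">')


def blacklist_accepts(comment):
    """Assumed model of the incomplete fix: reject only blacklisted tags."""
    return not any(tag in comment for tag in BLACKLIST)


def has_php_opener(text):
    """True if text contains one of the opening forms listed above."""
    lowered = text.lower()
    return any(opener in lowered for opener in PHP_OPENERS)


def encode_filter(comment):
    """Hardened form: entity-encode markup characters so no tag of any
    kind reaches the stored page, instead of enumerating bad tags."""
    return html.escape(comment, quote=True)


# Constructed comment fields; the PHP bodies are harmless placeholders.
SAMPLES = {
    "short tag": "nice post <? echo 1; ?>",
    "script tag": 'nice post <script language="php">echo 1;</script>',
    "asp tag": "nice post <% echo 1; %>",
    "plain text": "nice post, 2 < 3",
}


def audit():
    """Map sample name -> (opener passes blacklist, opener survives encoding)."""
    return {
        name: (blacklist_accepts(text) and has_php_opener(text),
               has_php_opener(encode_filter(text)))
        for name, text in SAMPLES.items()
    }


if __name__ == "__main__":
    for name, (weak, strong) in audit().items():
        print(f"{name:11} passes_blacklist={weak!s:5} survives_encoding={strong}")
```

The two forms the advisory says are unchecked pass the blacklist, while encoding leaves no opening form in any sample and keeps ordinary text such as "2 < 3" readable as "2 &lt; 3".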