[SA10553] PostNuke SQL Injection and Cross Site Scripting Vulnerabilities
From: Secunia Security Advisories (sec-adv at secunia.com)
Date: Tue Jan 06 2004 - 10:16:53 CST
TITLE:
PostNuke SQL Injection and Cross Site Scripting Vulnerabilities
SECUNIA ADVISORY ID:
SA10553
VERIFY ADVISORY:
http://www.secunia.com/advisories/10553/
CRITICAL:
Moderately critical
IMPACT:
Exposure of system information, Exposure of sensitive information,
Manipulation of data, Cross Site Scripting
WHERE:
From remote
SOFTWARE:
PostNuke 0.x
DESCRIPTION:
JeiAr has reported vulnerabilities in PostNuke, which can be
exploited to conduct Cross Site Scripting and SQL injection attacks.
The "ttitle" parameter in the "Downloads" module isn't properly
verified. This can be exploited to inject malicious HTML and script
code.
The "sortby" parameter in the "Members_List" module isn't properly
verified, which can be exploited to inject or manipulate SQL
queries.
The vulnerabilities have been reported in version 0.726. Prior
versions may also be affected.
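The two defects described above are the classic pair of an unvalidated sort key reaching an ORDER BY clause and an unencoded parameter reflected into a page. The following is an added example of how an application developer would close both, not PostNuke's own code; the column names, table name and function names are assumptions.

```php
<?php
// Added example, not PostNuke's code. Table and column names are constructed.

// ORDER BY cannot be parameterised, so a user-supplied sort key is mapped onto
// a fixed allowlist of column names; anything unrecognised falls back to a default.
function safe_sort_column(string $sortby): string
{
    $allowed = [
        'uname' => 'uname',
        'email' => 'email',
        'date'  => 'regdate',
    ];
    return $allowed[$sortby] ?? 'uname';
}

// Only two literal directions are ever emitted.
function safe_sort_direction(string $dir): string
{
    return strtolower($dir) === 'desc' ? 'DESC' : 'ASC';
}

// Members-list query with a validated ORDER BY clause.
function members_list_sql(string $sortby, string $dir): string
{
    $col   = safe_sort_column($sortby);
    $order = safe_sort_direction($dir);
    return "SELECT uname, email FROM users ORDER BY {$col} {$order}";
}

// Output encoding for a value reflected into HTML, such as a download title.
function html_title(string $ttitle): string
{
    return htmlspecialchars($ttitle, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed request values standing in for $_GET['sortby'] and $_GET['ttitle'].
$requests = [
    ['sortby' => 'email',        'dir' => 'desc', 'ttitle' => 'Release notes'],
    ['sortby' => 'not_a_column', 'dir' => 'up',   'ttitle' => '<b>title</b> & "quotes"'],
];
foreach ($requests as $req) {
    echo members_list_sql($req['sortby'], $req['dir']), "\n";
    echo '<h2>', html_title($req['ttitle']), "</h2>\n";
}
```

The second request shows the fallbacks in effect: the unknown sort key becomes the default column, the unknown direction becomes ASC, and the markup in the title is emitted as inert text.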
SOLUTION:
The SQL injection vulnerability has been fixed in version 0.726-1.
http://download.postnuke.com/pafiledb.php?action=category&id=45
The Cross Site Scripting vulnerability has not been fixed.
Filter malicious characters and character sequences in an HTTP proxy.
PROVIDED AND/OR DISCOVERED BY:
JeiAr
ORIGINAL ADVISORY:
http://www.gulftech.org/01032004.php
http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2535
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.
Subscribe:
http://www.secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://www.secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------