PHProfession Multiple Vulnerabilities
BID:10190
Info
PHProfession Multiple Vulnerabilities
| Bugtraq ID: | 10190 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 21 2004 12:00AM |
| Updated: | Apr 21 2004 12:00AM |
| Credit: | Discovery of these issues is credited to Janek Vind <[email protected]>. |
| Vulnerable: |
phProfession phProfession 2.5 |
| Not Vulnerable: | |
Discussion
PHProfession Multiple Vulnerabilities
Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabilities were reported.
Exploitation of these issues may reveal sensitive information, allow for account hijacking, content manipulation and attacks against the underlying database.
These issues were reported to exist in phProfession 2.5. Other versions may also be affected.
Multiple vulnerabilities were reported to exist in phProfession, which is a third-party module for PostNuke. Path disclosure, cross-site scripting and SQL injection vulnerabilities were reported.
Exploitation of these issues may reveal sensitive information, allow for account hijacking, content manipulation and attacks against the underlying database.
These issues were reported to exist in phProfession 2.5. Other versions may also be affected.
Exploit / POC
PHProfession Multiple Vulnerabilities
Some proof-of-concept examples were provided.
Path disclosure example:
http://www.example.com/postnuke0726/modules/phprofession/upload.php
Cross-site scripting:
http://www.example.com/postnuke0726/modules.php?op=modload&name=phprofession&file=upload&jcode=[xss code here]
SQL Injection:
http://www.example.com/postnuke0726/modules.php?op=modload&name=phprofession&file=index&offset=foobar
Some proof-of-concept examples were provided.
Path disclosure example:
http://www.example.com/postnuke0726/modules/phprofession/upload.php
Cross-site scripting:
http://www.example.com/postnuke0726/modules.php?op=modload&name=phprofession&file=upload&jcode=[xss code here]
SQL Injection:
http://www.example.com/postnuke0726/modules.php?op=modload&name=phprofession&file=index&offset=foobar
Solution / Fix
PHProfession Multiple Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
PHProfession Multiple Vulnerabilities
References:
References:
- phProfession Homepage (phProfession)
- [waraxe-2004-SA#021 - Multiple vulnerabilities in phprofession 2.5 module for Po (Janek Vind
)