SparkleBlog Multiple Input Validation Vulnerabilities
BID:12272
Info
SparkleBlog Multiple Input Validation Vulnerabilities
| Bugtraq ID: | 12272 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 15 2005 12:00AM |
| Updated: | Jan 15 2005 12:00AM |
| Credit: | Discovery of these issues is credited to Kovics Liszli <[email protected]> and l33k_h4ck50y. |
| Vulnerable: |
SparkleBlog SparkleBlog |
| Not Vulnerable: | |
Discussion
SparkleBlog Multiple Input Validation Vulnerabilities
Multiple input validation vulnerabilities reportedly affect SparkleBlog. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical actions.
The first issue is a cross-site scripting issue and the second issue is an SQL injection issue.
An attacker may leverage these issues to carry out cross-site scripting and SQL injection attacks against the affected application. This may result in the theft of authentication credentials, destruction or disclosure of sensitive data, and potentially other attacks.
Multiple input validation vulnerabilities reportedly affect SparkleBlog. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical actions.
The first issue is a cross-site scripting issue and the second issue is an SQL injection issue.
An attacker may leverage these issues to carry out cross-site scripting and SQL injection attacks against the affected application. This may result in the theft of authentication credentials, destruction or disclosure of sensitive data, and potentially other attacks.
Exploit / POC
SparkleBlog Multiple Input Validation Vulnerabilities
No exploit is required to leverage these issues. The following proof of concepts have been provided:
Cross-Site Scripting
http://www.example.com/journal.php?id=document.write(unescape(%22%3CSCRIPT%3Ealert(document.domain);%3C/SCRIPT%3E%3CSCRIPT%3Ealert(document.cookie);%3C/SCRIPT%3E%22));
SQL Injection
http://www.example.com/journal.php?id='[SQL]
http://www.example.com/archives.php?id='[SQL]
No exploit is required to leverage these issues. The following proof of concepts have been provided:
Cross-Site Scripting
http://www.example.com/journal.php?id=document.write(unescape(%22%3CSCRIPT%3Ealert(document.domain);%3C/SCRIPT%3E%3CSCRIPT%3Ealert(document.cookie);%3C/SCRIPT%3E%22));
SQL Injection
http://www.example.com/journal.php?id='[SQL]
http://www.example.com/archives.php?id='[SQL]
Solution / Fix
SparkleBlog Multiple Input Validation Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
SparkleBlog Multiple Input Validation Vulnerabilities
References:
References:
- SparkleBlog Project Page (SparkleBlog)
- Various Vulnerabilities in SparkleBlog (
)