WebSpell Multiple Input Validation Vulnerabilities

Bugtraq ID:	22798
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Feb 03 2007 12:00AM
Updated:	Mar 05 2007 04:05PM
Credit:	gmdarkfig is credited with the discovery of this vulnerability.
Vulnerable:	webSPELL webSPELL 4.1.2 webSPELL webSPELL 4.1.1 webSPELL webSPELL 4.1 webSPELL webSPELL 4.0
Not Vulnerable:

WebSpell Multiple Input Validation Vulnerabilities

webSPELL is prone to two input-validation vulnerabilities: an SQL-injection issue and an unauthorized file-upload issue.

A successful SQL-injection attack could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. The unauthorized file-upload vulnerability may let a remote attacker upload and execute malicious PHP scripts.

WebSpell Multiple Input Validation Vulnerabilities

Attackers can exploit this issue via a web client.

The following exploit code is available:

• /data/vulnerabilities/exploits/webSPELL-exploit.php

WebSpell Multiple Input Validation Vulnerabilities

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

WebSpell Multiple Input Validation Vulnerabilities

References:

• Vendor Home Page (webSPELL)
  
• webSPELL <= 4.01.02 Remote PHP Code Execution Exploit ([email protected])