PHPX Multiple Input Validation Vulnerabilities
BID:23033
Info
PHPX Multiple Input Validation Vulnerabilities
| Bugtraq ID: | 23033 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 19 2007 12:00AM |
| Updated: | Nov 05 2008 10:55PM |
| Credit: | laurent gaffié is credited with the discovery of these vulnerabilities. |
| Vulnerable: |
PHPX PHPX 3.5.16 PHPX PHPX 3.5.15 |
| Not Vulnerable: | |
Discussion
PHPX Multiple Input Validation Vulnerabilities
PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitrary script code in the context of the webserver process, compromise the application, obtain sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitrary script code in the context of the webserver process, compromise the application, obtain sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
Exploit / POC
PHPX Multiple Input Validation Vulnerabilities
To exploit a cross-site scripting issue, an attacker entices an unsuspecting user into following a malicious URI.
To exploit an SQL-injection issue, the attacker can use a browser.
The following proof-of-concept URIs are available:
http://www.example.com/phpx/gallery.php?action=viewImage&image_id='
http://www.example.com/phpx/news.php?action=view&news_id='
http://www.example.com/phpx/news.php?news_cat_id='&action=view_cat
http://www.example.com/phpx/users.php?action=view&user_id='
http://www.example.com/phpx/news.php?news_id='
http://www.example.com/phpx/forums.php?cat_id='
http://www.example.com/phpx/forums.php?forum_id=1&topic_id='
http://www.example.com/phpx/forums.php?forum_id=1&topic_id=1&post_id='
http://www.example.com/phpx/news.php?action=view_cat&news_cat_id='
http://www.example.com/phpx/gallery.php?action=viewCat&cat_id='
http://www.example.com/phpx/print.php?action=news&news_id='
The following exploit code is available:
To exploit a cross-site scripting issue, an attacker entices an unsuspecting user into following a malicious URI.
To exploit an SQL-injection issue, the attacker can use a browser.
The following proof-of-concept URIs are available:
http://www.example.com/phpx/gallery.php?action=viewImage&image_id='
http://www.example.com/phpx/news.php?action=view&news_id='
http://www.example.com/phpx/news.php?news_cat_id='&action=view_cat
http://www.example.com/phpx/users.php?action=view&user_id='
http://www.example.com/phpx/news.php?news_id='
http://www.example.com/phpx/forums.php?cat_id='
http://www.example.com/phpx/forums.php?forum_id=1&topic_id='
http://www.example.com/phpx/forums.php?forum_id=1&topic_id=1&post_id='
http://www.example.com/phpx/news.php?action=view_cat&news_cat_id='
http://www.example.com/phpx/gallery.php?action=viewCat&cat_id='
http://www.example.com/phpx/print.php?action=news&news_id='
The following exploit code is available:
Solution / Fix
PHPX Multiple Input Validation Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
PHPX Multiple Input Validation Vulnerabilities
References:
References: