phpMyQuote Index.PHP SQL Injection and Cross-Site Scripting Vulnerabilities
BID:25615
Info
phpMyQuote Index.PHP SQL Injection and Cross-Site Scripting Vulnerabilities
| Bugtraq ID: | 25615 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-4835 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 10 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | Yollubunlar.org is credited with the discovery of these vulnerabilities. |
| Vulnerable: |
phpMyQuote phpMyQuote 0.20 |
| Not Vulnerable: | |
Discussion
phpMyQuote Index.PHP SQL Injection and Cross-Site Scripting Vulnerabilities
phpMyQuote is prone to multiple input-validation vulnerabilities, including a cross-site scripting issue and an SQL-injection issue, because the application fails to sanitize user-supplied input.
A successful exploit may allow an attacker to steal cookie-based authentication credentials, execute malicious script code in a user's browser, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
These issues affect phpMyQuote 0.20; other versions may also be vulnerable.
phpMyQuote is prone to multiple input-validation vulnerabilities, including a cross-site scripting issue and an SQL-injection issue, because the application fails to sanitize user-supplied input.
A successful exploit may allow an attacker to steal cookie-based authentication credentials, execute malicious script code in a user's browser, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
These issues affect phpMyQuote 0.20; other versions may also be vulnerable.
Exploit / POC
phpMyQuote Index.PHP SQL Injection and Cross-Site Scripting Vulnerabilities
To exploit a cross-site scripting vulnerability, an attacker entices an unsuspecting victim to follow a malicious URI. The attacker can exploit SQL-injection vulnerabilities through a browser.
The following proof-of-concept URIs are available:
http://example.com/script_path/index.php?action=edit&id=[Sql injection]
http://example.com/script_path/index.php?action=edit&id=[XSS]
To exploit a cross-site scripting vulnerability, an attacker entices an unsuspecting victim to follow a malicious URI. The attacker can exploit SQL-injection vulnerabilities through a browser.
The following proof-of-concept URIs are available:
http://example.com/script_path/index.php?action=edit&id=[Sql injection]
http://example.com/script_path/index.php?action=edit&id=[XSS]
Solution / Fix
phpMyQuote Index.PHP SQL Injection and Cross-Site Scripting Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
phpMyQuote Index.PHP SQL Injection and Cross-Site Scripting Vulnerabilities
References:
References: