HomePH Design Multiple Administrator Scripts Multiple Input Validation Vulnerabilities
BID:29896
Info
HomePH Design Multiple Administrator Scripts Multiple Input Validation Vulnerabilities
| Bugtraq ID: | 29896 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 23 2008 12:00AM |
| Updated: | Jun 23 2008 12:00AM |
| Credit: | CraCkEr |
| Vulnerable: |
HomePH Design HomePH Design 2.10 RC2 |
| Not Vulnerable: | |
Discussion
HomePH Design Multiple Administrator Scripts Multiple Input Validation Vulnerabilities
HomePH Design is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These issues include a remote file-include issue, five local file-include issues, and five cross-site scripting issues.
Attackers can exploit the remote file-include issue to execute arbitrary script code in the context of the webserver process. They can exploit the local file-include issues to execute arbitrary local scripts in the context of the webserver process, potentially obtaining sensitive information. They can exploit cross-site scripting issues to steal cookie-based authentication credentials. Other attacks are possible; information harvested can aid in further attacks.
HomePH Design 2.10 RC2 is vulnerable; other versions may also be affected.
HomePH Design is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These issues include a remote file-include issue, five local file-include issues, and five cross-site scripting issues.
Attackers can exploit the remote file-include issue to execute arbitrary script code in the context of the webserver process. They can exploit the local file-include issues to execute arbitrary local scripts in the context of the webserver process, potentially obtaining sensitive information. They can exploit cross-site scripting issues to steal cookie-based authentication credentials. Other attacks are possible; information harvested can aid in further attacks.
HomePH Design 2.10 RC2 is vulnerable; other versions may also be affected.
Exploit / POC
HomePH Design Multiple Administrator Scripts Multiple Input Validation Vulnerabilities
Attackers can exploit these issues using a browser. To exploit a cross-site scripting issue an attacker must entice an unsuspecting user to follow a specially crafted URI.
The following example URIs are avaialble:
http://www.example.com/path/admin/templates/template_thumbnail.php?thumb_template=[SHELL]
http://www.example.com/path/admin/templates/template_thumbnail.php?thumb_template=[LFI]
http://www.example.com/path/admin/features/account/account.php?language=[LFI]
http://www.example.com/path/admin/features/downloads/downloads.php?language=[LFI]
http://www.example.com/path/admin/features/forum/forum.php?language=[LFI]
http://www.example.com/path/admin/features/fotogalerie/delete.php?language=[LFI]
http://www.example.com/path/admin/features/fotogalerie/fotogalerie.php?language=[LFI]
http://www.example.com/path/admin/features/register/register.php?error_meldung=[XSS]
http://www.example.com/path/admin/features/memberlist/memberlist.php?feature_language[ueberschrift]=[XSS]
http://www.example.com/path/admin/features/lostpassword/lostpassword.php?language_array[ueberschrift]=[XSS]
http://www.example.com/path/admin/features/kalender/eingabe.php?language_feature[titel]=[XSS]
http://www.example.com/path/admin/features/fotogalerie/eingabe.php?language_feature[bildmenu]=[XSS]
Attackers can exploit these issues using a browser. To exploit a cross-site scripting issue an attacker must entice an unsuspecting user to follow a specially crafted URI.
The following example URIs are avaialble:
http://www.example.com/path/admin/templates/template_thumbnail.php?thumb_template=[SHELL]
http://www.example.com/path/admin/templates/template_thumbnail.php?thumb_template=[LFI]
http://www.example.com/path/admin/features/account/account.php?language=[LFI]
http://www.example.com/path/admin/features/downloads/downloads.php?language=[LFI]
http://www.example.com/path/admin/features/forum/forum.php?language=[LFI]
http://www.example.com/path/admin/features/fotogalerie/delete.php?language=[LFI]
http://www.example.com/path/admin/features/fotogalerie/fotogalerie.php?language=[LFI]
http://www.example.com/path/admin/features/register/register.php?error_meldung=[XSS]
http://www.example.com/path/admin/features/memberlist/memberlist.php?feature_language[ueberschrift]=[XSS]
http://www.example.com/path/admin/features/lostpassword/lostpassword.php?language_array[ueberschrift]=[XSS]
http://www.example.com/path/admin/features/kalender/eingabe.php?language_feature[titel]=[XSS]
http://www.example.com/path/admin/features/fotogalerie/eingabe.php?language_feature[bildmenu]=[XSS]
Solution / Fix
HomePH Design Multiple Administrator Scripts Multiple Input Validation Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
HomePH Design Multiple Administrator Scripts Multiple Input Validation Vulnerabilities
References:
References:
- Vendor Homepage (HomePH Design)