Zoph Cross-Site Scripting and SQL Injection Vulnerabilities
BID:30116
Info
Zoph Cross-Site Scripting and SQL Injection Vulnerabilities
| Bugtraq ID: | 30116 |
| Class: | Input Validation Error |
| CVE: |
CVE-2008-6837 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 07 2008 12:00AM |
| Updated: | May 07 2015 05:27PM |
| Credit: | Julian Rodriguez |
| Vulnerable: |
Zoph Zoph 0.7.2.1 |
| Not Vulnerable: | |
Discussion
Zoph Cross-Site Scripting and SQL Injection Vulnerabilities
Zoph is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Zoph 0.7.2.1 is vulnerable; other versions may also be affected.
UPDATE (July 2, 2009): The vendor disputes that Zoph is affected by these issues. Recent versions of Zoph are reported not vulnerable.
Zoph is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Zoph 0.7.2.1 is vulnerable; other versions may also be affected.
UPDATE (July 2, 2009): The vendor disputes that Zoph is affected by these issues. Recent versions of Zoph are reported not vulnerable.
Exploit / POC
Zoph Cross-Site Scripting and SQL Injection Vulnerabilities
An attacker can exploit these issues via a browser. To exploit a cross-site scripting vulnerability, the attacker must entice a victim user to follow a malicious URI.
The following example URI is available:
http://www.example.com/demo/search.php?_action=search&_off=[EvilScript]
The following login credentials are reported to trigger this issue:
username: '--
password: '--
An attacker can exploit these issues via a browser. To exploit a cross-site scripting vulnerability, the attacker must entice a victim user to follow a malicious URI.
The following example URI is available:
http://www.example.com/demo/search.php?_action=search&_off=[EvilScript]
The following login credentials are reported to trigger this issue:
username: '--
password: '--
Solution / Fix
Zoph Cross-Site Scripting and SQL Injection Vulnerabilities
Solution:
The vendor reports that recent versions of Zoph are not affected by these issues. Please contact the vendor for more information.
Solution:
The vendor reports that recent versions of Zoph are not affected by these issues. Please contact the vendor for more information.