webERP Information Disclosure, SQL Injection, and Cross Site Scripting Vulnerabilities
BID:50713
Info
webERP Information Disclosure, SQL Injection, and Cross Site Scripting Vulnerabilities
| Bugtraq ID: | 50713 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 17 2011 12:00AM |
| Updated: | Nov 17 2011 12:00AM |
| Credit: | High-Tech Bridge SA Security Research Lab |
| Vulnerable: |
webERP webERP 4.3.8 webERP webERP 4.0.1 webERP webERP 4.05 |
| Not Vulnerable: |
webERP webERP 4.06RC2 |
Discussion
webERP Information Disclosure, SQL Injection, and Cross Site Scripting Vulnerabilities
webERP is prone to information-disclosure, SQL-injection, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input.
An attacker may exploit the information-disclosure issue to gain access to sensitive information that may lead to further attacks.
An attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
webERP 4.0.5 is vulnerable; prior versions may also be affected.
webERP is prone to information-disclosure, SQL-injection, and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input.
An attacker may exploit the information-disclosure issue to gain access to sensitive information that may lead to further attacks.
An attacker may exploit the SQL-injection issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
webERP 4.0.5 is vulnerable; prior versions may also be affected.
Exploit / POC
webERP Information Disclosure, SQL Injection, and Cross Site Scripting Vulnerabilities
An attacker can use a Web browser to exploit these issues.
The following example URLs are available:
An attacker can use a Web browser to exploit these issues.
The following example URLs are available:
Solution / Fix
webERP Information Disclosure, SQL Injection, and Cross Site Scripting Vulnerabilities
Solution:
Vendor updates are available. Please see the references for more information.
Solution:
Vendor updates are available. Please see the references for more information.
References
webERP Information Disclosure, SQL Injection, and Cross Site Scripting Vulnerabilities
References:
References:
- webERP Homepage (webERP)
- Multiple vulnerabilities in webERP ([email protected])
- Multiple vulnerabilities in webERP (High-Tech Bridge SA Security Research Lab)