LEPTON Cross Site Scripting, SQL Injection, HTML Injection and Local File Include Vulnerabilities

Bugtraq ID:	52026
Class:	Input Validation Error
CVE:	CVE-2012-0998 CVE-2012-0999 CVE-2012-1000
Remote:	Yes
Local:	No
Published:	Feb 15 2012 12:00AM
Updated:	Feb 15 2012 12:00AM
Credit:	High-Tech Bridge SA Security Research Lab
Vulnerable:	LEPTON LEPTON 1.1.3
Not Vulnerable:	LEPTON LEPTON 1.1.4

LEPTON Cross Site Scripting, SQL Injection, HTML Injection and Local File Include Vulnerabilities

LEPTON is prone to multiple input-validation vulnerabilities, including:

1. A cross-site scripting vulnerability
2. An SQL-injection vulnerability
3. A local file-include vulnerability
4. Multiple HTML-injection vulnerabilities

Exploiting these issues could allow an attacker to execute arbitrary script and PHP code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

LEPTON 1.1.3 is vulnerable; other versions may also be affected.

LEPTON Cross Site Scripting, SQL Injection, HTML Injection and Local File Include Vulnerabilities

An attacker can exploit these issues through a browser. To exploit a cross-site scripting issue, the attacker must entice an unsuspecting victim to follow a malicious URI.

The following URI is available:

http://www.example.com/admins/login/forgot/index.php?message=%3Cscript%3Ealert%28document.cookie%29;%3C/scrip t%3E

LEPTON Cross Site Scripting, SQL Injection, HTML Injection and Local File Include Vulnerabilities

Solution:
Vendor updates are available. Please see the references for more information.

LEPTON Cross Site Scripting, SQL Injection, HTML Injection and Local File Include Vulnerabilities

References:

• LEPTON Homepage (LEPTON)
  
• Multiple vulnerabilities in LEPTON (High-Tech Bridge SA Security Research Lab)