ImgPals Photo Host Remote Input Validation Vulnerability
BID:52195
Info
| Bugtraq ID: | 52195 |
| Class: | Input Validation Error |
| CVE: | CVE-2012-4925 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 28 2012 12:00AM |
| Updated: | Mar 19 2015 07:35AM |
| Credit: | Corrado Liotta |
| Vulnerable: | ImgPals ImgPals Photo Host 1.0 STABLE |
| Not Vulnerable: | |
Discussion
ImgPals Photo Host is prone to an input-validation vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query.
Successful exploits may allow attackers to perform unauthorized actions, like disabling the administrator account. Other attacks are also possible.
ImgPals Photo Host 1.0 STABLE is vulnerable.
Exploit / POC
Attackers can use a browser to exploit this issue.
The following exploit is available:
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].