AZ Photo Album Cross Site Scripting and Arbitrary File Upload Vulnerabilities
BID:53641
Info
AZ Photo Album Cross Site Scripting and Arbitrary File Upload Vulnerabilities
| Bugtraq ID: | 53641 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 20 2012 12:00AM |
| Updated: | May 20 2012 12:00AM |
| Credit: | Eyup CELIK |
| Vulnerable: |
AZ Photo Album AZ Photo Album 0 |
| Not Vulnerable: | |
Discussion
AZ Photo Album Cross Site Scripting and Arbitrary File Upload Vulnerabilities
The AZ Photo Album is prone to a cross-site-scripting and an arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input.
Attackers can exploit these issues to steal cookie information, execute arbitrary client side script code in the context of browser, upload and execute arbitrary files in the context of the webserver, and launch other attacks.
The AZ Photo Album is prone to a cross-site-scripting and an arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input.
Attackers can exploit these issues to steal cookie information, execute arbitrary client side script code in the context of browser, upload and execute arbitrary files in the context of the webserver, and launch other attacks.
Exploit / POC
AZ Photo Album Cross Site Scripting and Arbitrary File Upload Vulnerabilities
Attackers can exploit these issues by enticing an unsuspecting victim to follow a malicious URI.
The following example URIs are available.
http://www.example.com/demo/php-photo-album-script/index.php/%F6%22%20onmouseover=document.write%28%22google.com%22%29%20
http://www.example.com/demo/php-photo-album-script/index.php/?gazpart=suggest
Attackers can exploit these issues by enticing an unsuspecting victim to follow a malicious URI.
The following example URIs are available.
http://www.example.com/demo/php-photo-album-script/index.php/%F6%22%20onmouseover=document.write%28%22google.com%22%29%20
http://www.example.com/demo/php-photo-album-script/index.php/?gazpart=suggest
Solution / Fix
AZ Photo Album Cross Site Scripting and Arbitrary File Upload Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
AZ Photo Album Cross Site Scripting and Arbitrary File Upload Vulnerabilities
References:
References:
- AZ Photo Album Homepage (php4script)