|
|
Family: CGI abuses --> Category: attack
ModernBill 4.3.0 and older Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple vulnerabilities in ModernBill 4.3.0 and older
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that suffers from
multiple vulnerabilities.
Description :
The version of ModernBill installed on the remote host is subject to
multiple vulnerabilities :
- A Remote File Include Vulnerability
The application fails to sanitize the parameter 'DIR' before
using it in the script 'news.php'. A possible hacker can exploit
this flaw to browse or execute arbitrary files on the remote
host. Further, if PHP's 'allow_url_fopen' setting is enabled,
files to be executed can even come from a web server
under the attacker's control.
- Multiple Cross-Site Scripting Vulnerabilities
A possible hacker can inject arbitrary HTML and script code via the
parameters 'c_code' and 'aid' in the script 'orderwiz.php' in
order to steal cookie-based authentication credentials for
the remote host or launch other such attacks.
See also :
http://www.gulftech.org/?node=research&article_id=00067-04102005
http://archives.neohapsis.com/archives/bugtraq/2005-04/0129.html
http://www.moderngigabyte.com/modernbill/forums/showthread.php?t=20520
Solution :
Upgrade to ModernBill 4.3.1 or later.
Threat Level:
Medium / CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
