|
|
Family: CGI abuses --> Category: attack
CoolForum XSS and SQL Injection Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for cross-site scripting and SQL injection vulnerabilities in CoolForum
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that suffers
from multiple issues.
Description :
The remote host is running a version of CoolForum that suffers from
multiple input validation vulnerabilities.
- Multiple SQL Injection Vulnerabilities
Due to a failure to properly sanitize user-input supplied
through the 'pseudo' parameter of the 'admin/entete.php' script
and the 'ilogin' parameter of the 'register.php' script, an
attacker may be able to manipulate SQL queries and view
arbitrary database contents.
- A Cross-Site Scripting Vulnerability
It is possible to inject arbitrary script and HTML code into the
'img' parameter of the 'avatar.php' script. A possible hacker can
exploit these flaws to cause code to run on a user's browser
within the context of the remote site, enabling him to steal
authentication cookies, access data recently submitted by the
user, and the like.
See also :
http://securitytracker.com/alerts/2005/Mar/1013474.html
Solution :
Upgrade to CoolForum version 0.8.1 or later.
Threat Level:
Medium / CVSS Base Score : 6
(AV:R/AC:H/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
