SecurityvulnsSECURITYVULNS:DOC:15845[Full-disclosure] [OPENADS-SA-2007-001] phpAdsNew and phpPgAds 2.0.9-pr1 vulnerability fixed
========================================================================
Openads security advisory OPENADS-SA-2007-001
Advisory ID: OPENADS-SA-2007-001
Date: 2007-Jan-24
Security risk: low risk
Applications affetced: phpAdsNew, phpPgAds
Versions affected: <= phpAdsNew 2.0.9-pr1, phpPgAds 2.0.9-pr1
Versions not affected: >= Openads 2.0.10, Openads for PostgreSQL 2.0.10
========================================================================
Vulnerability: Cross-site scripting
Description
This is the description of the vulnerability recieved by JPCERT:
"We have confirmed that in admin-search.php, scripts included in
'keyword' parameter is shown without proper sanitization thus the
script could be executed.
However a user needs to login the system as administrator, which makes
the exploit technically difficult.
If this vulnerability is exploited, by script execution, a user's
session ID included in HTTP Cookie might be stolen. Also there's a risk
that the contents of phpAdsNew are falsified temporarily."
References
- JVN#07274813: http://jvn.jp/jp/JVN%2307274813/index.html
Solution
- The vulnerability was fixed in Openads and Openads for PostgreSQL
2.0.10 (released on Jan 18th), but we suggest you to upgrade to
Openads or Openads for PostgreSQL 2.0.11 released today.
Contact informations
The security contact for Openads can be reached at:
<security AT openads DOT org>
Best regards
Matteo Beccati
http://www.openads.org
http://phpadsnew.com
http://phppgads.com
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/